* question on the nat table and iptables && REDIRECT
@ 2002-09-23 5:38 Joe
2002-09-23 15:17 ` Antony Stone
0 siblings, 1 reply; 2+ messages in thread
From: Joe @ 2002-09-23 5:38 UTC (permalink / raw)
To: netfilter
Hello,
I am trying to get the redirect to work for use with squid. I know
that squid is working, but it seems that nothing from the local machine
is going through the nat PREROUTING table.
1) how do the tables interact with each other? i.e. if a rule in
the FILTER table is processed is that the end of it or does it make its
way through the NAT and MANGLE tables as well?
2) is there some reason that the POSTROUTING filter of the NAT
shows data going through it but the PREROUTING does not? How does the
PRE, POST and OUTPUT relate to each other? According to what I read the
packets should all go through the PRE, but this does not seem to be the
case.
output of iptables -L -v -t nat
#######################################
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- ppp0 any anywhere
anywhere state RELATED,ESTABLISHED
1 48 ACCEPT all -- !ppp0 any anywhere
anywhere
0 0 LOG all -- any any anywhere
anywhere limit: avg 3/hour burst 5 LOG level warning prefix
`nat: PREROUTED -> unknown: '
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
3 136 MASQUERADE all -- any ppp0 anywhere
anywhere
0 0 ACCEPT all -- any !ppp0 anywhere
anywhere
0 0 LOG all -- any any anywhere
anywhere limit: avg 3/hour burst 5 LOG level warning prefix
`nat: POSTROUTED unknown: '
Chain OUTPUT (policy ACCEPT 2 packets, 88 bytes)
#######################################
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: question on the nat table and iptables && REDIRECT
2002-09-23 5:38 question on the nat table and iptables && REDIRECT Joe
@ 2002-09-23 15:17 ` Antony Stone
0 siblings, 0 replies; 2+ messages in thread
From: Antony Stone @ 2002-09-23 15:17 UTC (permalink / raw)
To: netfilter
On Monday 23 September 2002 6:38 am, Joe wrote:
> Hello,
> I am trying to get the redirect to work for use with squid. I know
> that squid is working, but it seems that nothing from the local machine
> is going through the nat PREROUTING table.
Why should it? PREROUTING is for packets entering the machine, before the
routing decision which determines whether they're stopping here or going on
somewhere else.
Packets generated on the local machine go through the OUTPUT and POSTROUTING
chains.
> 1) how do the tables interact with each other? i.e. if a rule in
> the FILTER table is processed is that the end of it or does it make its
> way through the NAT and MANGLE tables as well?
Check out Oskar Andreasson's excellent tutorial, section 3:
http://www.netfilter.org/documentation/tutorials/blueflux/iptables-tutorial.html
Antony.
--
In science, one tries to tell people
in such a way as to be understood by everyone
something that no-one ever knew before.
In poetry, it is the exact opposite.
- Paul Dirac
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-09-23 15:17 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-09-23 5:38 question on the nat table and iptables && REDIRECT Joe
2002-09-23 15:17 ` Antony Stone
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.