nat:
This table is consulted when a packet that creates a
new connection is encountered. It consists of three
built-ins: PREROUTING (for altering packets as soon as they
come in), OUTPUT (for altering locally-generated
packets before routing), and POSTROUTING (for altering
packets as they are about to go out).
mangle:
This table is used for specialized packet alteration.
Until kernel 2.4.17 it had two built-in chains:
PRE-ROUTING (for altering incoming packets before
routing) and OUTPUT (for altering locally-generated packets
before routing). Since kernel 2.4.18, three other built-in
chains are also supported: INPUT (for packets
coming into the box itself), FORWARD (for altering
packets being routed through the box), and POSTROUTING
for altering packets as they are about to go out).
Познай от къде paste-нах ;-)
|