NetFilter NAT

As you explored in Chapter 6, the packet filtering structure within the Linux 2.4 series kernel is NetFilter. Because you had used the fwmark interface (called nfmark in NetFilter) to tag packets, you noted that there were structures that existed to allow for NAT within the NetFilter architecture. To determine how these structures function within the Policy Routing arena, you perform a series of tests within your test network setup.

First you do some research into the style of the NetFilter structure as it pertains to the NAT function. In contrast to the bidirectional routing NAT style, NetFilter treats the direction of the NAT as an element of the NAT function. This granularity provides an additional construct that can provide ...

Get Policy Routing Using Linux® now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.