Technical data
3. Base configuration
Action     Chain(s)                  Meaning
DNAT       PREROUTING                Replace the destination address and destination port of the packet by the address specified as a parameter for DNAT (for all packets belonging to the connection in consideration).
REDIRECT   PREROUTING, OUTPUT        Replace the destination port of the packet by the address specified as a parameter for REDIRECT (for all packets belonging to the connection in consideration).
NETMAP     PREROUTING, POSTROUTING   Copy the destination or source address of the packet into the range specified as a parameter for NETMAP; the ports stay unchanged (for all packets belonging to the connection in consideration; the destination address is changed in the PREROUTING chain and the source address in the POSTROUTING chain).
Table 3.5.: Packet Filter Actions
Some of these actions may be modified in behaviour by using the options BIDIRECTIONAL, LOG or NOLOG. BIDIRECTIONAL generates the same rule a second time with source and destination addresses exchanged (and, if specified, source and destination port exchanged and/or inbound and outbound network interface exchanged). LOG/NOLOG activates or deactivates logging for this rule.
3.10.2. Restrictions For Rules
Restrictions may be defined by constraints explained in the following sections. You may write any at any place where you do not want a restriction but have to specify something. Constraints can be specified in any order as long as they carry their prefix. This applies to all restrictions except the source and destination address, which must always be placed directly in front of the action; all other constraints must be specified before them. Restrictions can also be negated: simply prefix them with a !.
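As an added illustration of the rule shape described above (prefixed constraints in any order, source and target directly in front of the action, ! for negation, any as the wildcard) together with the BIDIRECTIONAL and NETMAP behaviour from Table 3.5, here is a small Python model. It is example code, not the firewall's own rule parser: the whitespace-separated token layout, the ACTION:parameter form and the in:/out: interface prefixes are assumptions made for this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Assumed (not from the page): prefixes for the in-/outbound interface, which
# BIDIRECTIONAL exchanges together with source and destination.
MIRRORED_PREFIXES = {"in": "out", "out": "in"}


@dataclass(frozen=True)
class Endpoint:
    """Source or target constraint: an ip, a network, or 'any' (network=None)."""
    network: Optional[ipaddress.IPv4Network]
    negated: bool

    def matches(self, addr: str) -> bool:
        if self.network is None:            # 'any' places no restriction
            return True
        hit = ipaddress.IPv4Address(addr) in self.network
        return not hit if self.negated else hit   # '!' inverts the match

    def __str__(self) -> str:
        if self.network is None:
            return "any"
        text = (str(self.network.network_address) if self.network.prefixlen == 32
                else str(self.network))
        return ("!" if self.negated else "") + text


def parse_endpoint(token: str) -> Endpoint:
    negated = token.startswith("!")
    body = token[1:] if negated else token
    if body == "any":
        if negated:
            raise ValueError("'any' cannot be negated")
        return Endpoint(None, False)
    # strict=False accepts a plain ip as well as <ip>/<netmask>
    return Endpoint(ipaddress.IPv4Network(body, strict=False), negated)


@dataclass(frozen=True)
class Rule:
    constraints: Tuple[Tuple[str, str, bool], ...]   # (prefix, value, negated)
    src: Endpoint
    dst: Endpoint
    action: str
    param: str

    def applies_to(self, src_addr: str, dst_addr: str) -> bool:
        return self.src.matches(src_addr) and self.dst.matches(dst_addr)


def parse_rule(text: str) -> Rule:
    """Layout assumed for the example: [prefix:value ...] <source> <target> ACTION[:param]."""
    tokens = text.split()
    if len(tokens) < 3:
        raise ValueError("a rule needs at least <source> <target> <action>")
    action, _, param = tokens[-1].partition(":")
    constraints = []
    for tok in tokens[:-3]:                 # everything before source/target
        negated = tok.startswith("!")
        prefix, sep, value = (tok[1:] if negated else tok).partition(":")
        if not sep:
            raise ValueError(f"{tok!r}: constraints placed before source/target need a prefix")
        constraints.append((prefix, value, negated))
    return Rule(tuple(constraints), parse_endpoint(tokens[-3]),
                parse_endpoint(tokens[-2]), action, param)


def format_rule(rule: Rule) -> str:
    parts = [("!" if neg else "") + f"{p}:{v}" for p, v, neg in rule.constraints]
    parts += [str(rule.src), str(rule.dst),
              rule.action + (f":{rule.param}" if rule.param else "")]
    return " ".join(parts)


def mirror(rule: Rule) -> Rule:
    """BIDIRECTIONAL: the same rule with source and target (and interfaces) exchanged."""
    swapped = tuple((MIRRORED_PREFIXES.get(p, p), v, neg) for p, v, neg in rule.constraints)
    return Rule(swapped, rule.dst, rule.src, rule.action, rule.param)


def netmap(addr: str, target_range: str) -> str:
    """NETMAP: keep the host part of addr, replace the network part by target_range."""
    net = ipaddress.IPv4Network(target_range, strict=False)
    host_bits = int(ipaddress.IPv4Address(addr)) & int(net.hostmask)
    return str(ipaddress.IPv4Address(int(net.network_address) | host_bits))


if __name__ == "__main__":
    # Constructed sample rule for the demo; not taken from the page.
    rule = parse_rule("in:eth0 !10.0.0.0/8 any DNAT:192.168.6.1")
    print(format_rule(rule))
    print(format_rule(mirror(rule)))              # out:eth0 any !10.0.0.0/8 DNAT:192.168.6.1
    print(netmap("10.0.0.5", "192.168.1.0/24"))   # 192.168.1.5
```

The parser rejects an unprefixed token anywhere before the source/target pair, which is exactly the ordering rule stated above; mirror() shows why BIDIRECTIONAL has to exchange the interface constraint as well as the two addresses, and netmap() shows the address arithmetic behind "copy the address into the range": only the network bits change, the host bits (and the ports) are left alone.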
Constraints For Source And Target
Each packet contains source and target information as a tuple of an IP address and ports.²
This source or target can serve as a constraint and may be addressed like this:
Expression   Meaning
ip           a simple IP address
network      a network declaration in the form of <ip>/<netmask>
² A port only exists for TCP and UDP packets.
45