Why ACCEPT target for POSTROUTING chain of nat table is not working in iptables?

vishy dewangan

9/12/23, 4:46 AM

I am trying to audit the packet and byte size of ping request to remote server at POSTROUTING chain in nat table of iptables. For that i have created the rule using ACCEPT target as follow

iptables -t nat -A POSTROUTING -p icmp -d 172.16.16.102 -j ACCEPT

But when sent the ping request to server 172.16.16.102, the packets were captured at this chain. Kindly suggest am i missing something.

Although when i have tried the same with MASQUERADE target it was captured successfully.

iptables -t nat -A POSTROUTING -p icmp -d 172.16.16.102 -j MASQUERADE

0 + 0

iptables

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why ACCEPT target for POSTROUTING chain of nat table is not working in iptables?

TH: ทำไมยอมรับเป้าหมายสำหรับห่วงโซ่ POSTROUTING ของตาราง nat ไม่ทำงานใน iptables

RO: De ce ACCEPT target for POSTROUTING lanțul de tabel nat nu funcționează în iptables?

RU: Почему цель ACCEPT для цепочки POSTROUTING таблицы nat не работает в iptables?

VI: Tại sao CHẤP NHẬN mục tiêu cho chuỗi POSTROUTING của bảng tự nhiên không hoạt động trong iptables?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.