path: root/iptables
diff options
authorPablo Neira Ayuso <>2013-01-07 21:34:39 +0100
committerPablo Neira Ayuso <>2013-01-28 12:38:21 +0100
commit166f20a3665a28e0f5fcedd0914c8e7d41521428 (patch)
tree0d13ac298c43570ef8d62c5607a62b91b66d4fb9 /iptables
parent1c317dafa986699127d08951037869f9669e3b25 (diff)
doc: document nat table for IPv6
Based on the IPv4 description. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables')
1 files changed, 7 insertions, 0 deletions
diff --git a/iptables/ b/iptables/
index 58b7bfc7..24c6f661 100644
--- a/iptables/
+++ b/iptables/
@@ -106,6 +106,13 @@ the built-in chains \fBINPUT\fP (for packets destined to local sockets),
\fBFORWARD\fP (for packets being routed through the box), and
\fBOUTPUT\fP (for locally-generated packets).
+This table is consulted when a packet that creates a new
+connection is encountered. It consists of three built-ins: \fBPREROUTING\fP
+(for altering packets as soon as they come in), \fBOUTPUT\fP
+(for altering locally-generated packets before routing), and \fBPOSTROUTING\fP
+(for altering packets as they are about to go out). Available since kernel 3.7.
This table is used for specialized packet alteration. Until kernel
2.4.17 it had two built-in chains: \fBPREROUTING\fP