POSTROUTING
E886827
POSTROUTING is a Netfilter hook in the Linux kernel networking stack that processes packets just before they leave the system, typically used for tasks like network address translation (NAT).
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
Linux kernel networking concept
ⓘ
Netfilter hook ⓘ |
| appliesTo |
forwarded packets
ⓘ
locally generated packets ⓘ outgoing packets ⓘ |
| belongsTo | kernel space networking ⓘ |
| canModify |
packet headers
ⓘ
source IP address ⓘ source port ⓘ |
| commonUse |
Masquerading
ⓘ
Network Address Translation ⓘ Packet mangling ⓘ Source NAT ⓘ |
| configuredVia |
iptables -t nat -A POSTROUTING
ⓘ
nftables postrouting chain ⓘ |
| direction | egress ⓘ |
| documentation | Linux kernel Netfilter documentation ⓘ |
| effectOnRouting |
applies after routing is completed
ⓘ
does not change routing decision ⓘ |
| ensures | packets are rewritten before transmission ⓘ |
| environment | kernel space ⓘ |
| executionOrder |
after FORWARD hook
ⓘ
after OUTPUT hook ⓘ |
| hasRole | packet processing hook ⓘ |
| hookNumber | NF_INET_POST_ROUTING ⓘ |
| implementationLanguage | C ⓘ |
| introducedFor | flexible packet filtering and NAT in Linux ⓘ |
| layer | IP layer ⓘ |
| partOf |
Linux kernel networking stack
NERFINISHED
ⓘ
Netfilter framework NERFINISHED ⓘ |
| positionInPipeline | just before packets leave the system ⓘ |
| primaryAdministratorUse | configuring NAT on routers and gateways GENERATED ⓘ |
| relatedConcept |
FORWARD
ⓘ
INPUT ⓘ OUTPUT ⓘ PREROUTING ⓘ |
| scope |
IPv4
ⓘ
IPv6 ⓘ |
| tableUsedWith |
mangle table
ⓘ
nat table ⓘ |
| triggeredWhen | packet is about to be sent out an interface ⓘ |
| usedBy |
firewall administrators
ⓘ
network engineers ⓘ |
| usedIn |
Linux operating system
NERFINISHED
ⓘ
iptables NERFINISHED ⓘ nftables ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.