I'm using a Linux box as a router:
The box has 2 public IPs and a local IP; I'm using NAT to allow local users to access the web.
When a local user accesses the web, source NAT happens here. Are the packets going through the public interface checked through the OUTPUT chain or through the FORWARD chain?
The same question for the returned packets of the already established session: are they checked via the INPUT or FORWARD chain?
One last thing: consider me as a local user; the packets will go like this:
PC ---> Linux box local interface ---> Linux box public interface ---> External world.
When the packets come back:
External world ---> Public interface ---> Local interface ---> PC
If I want to apply a rule on the packets when they move from the local interface to the PC, should I use the FORWARD chain or the OUTPUT chain?
What do you think?