-2

My goal is to forward packets from an interface to another interface without source port conflicts using the right feature, NAPT.

I couldn't find how to add a NAPT rule (Network Address Port Translation, also known as PAT) with iptables and nftables.

More interestingly, searching combinations of PAT NAPT iptables/nftables/netfilter doesn't give anything relevant. Even when they mention PAT/NAPT, they do a simple IP masquerading...

Edit

It seems iptables's NAT does implicit port translation... somehow it's obvious for everybody even though it isn't written anywhere. The definition of NAT is however pretty clear and doesn't include a layer 4 alteration. Whatever...

Alexis

1 Answer

0

With iptables, masquerade is a choice but may not fulfill your goals. The better method is to extend netfilter and iptables by writing your own iptables operation. I did this some years ago; here is my GitHub code, hope that can help you.

tyChen
  • It seems iptables's NAT does implicit port translation... somehow it isn't written anywhere. We don't need to explicitly ask the tool to do it. – Alexis Nov 16 '21 at 08:37
  • In a router's inner code, it can be done like that. I wrote it just for interest. – tyChen Nov 16 '21 at 08:53
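
The implicit port translation discussed in this thread can also be requested explicitly. The ruleset below is an added example, not code from either poster or from the linked repository; the interface name `eth1` and the port range are assumptions chosen for illustration.

```nftables
# Constructed example: source NAPT on traffic leaving through eth1.
# "eth1" (outbound interface) and 32768-60999 (port pool) are assumptions.
table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;

        # Explicit NAPT: rewrite the source address to eth1's address and
        # pick the source port from a fixed pool. A port range is only
        # accepted after a transport protocol match, hence one rule per
        # protocol.
        oifname "eth1" meta l4proto tcp masquerade to :32768-60999
        oifname "eth1" meta l4proto udp masquerade to :32768-60999

        # Everything else (ICMP and so on): plain masquerade. For TCP/UDP
        # this form would keep the original source port when the translated
        # tuple is unique and choose another port only when it collides
        # with an existing connection-tracking entry, which is the implicit
        # behaviour mentioned in the question's edit.
        oifname "eth1" masquerade
    }
}
```

With iptables the same explicit form is `-j MASQUERADE --to-ports 32768-60999` on a rule that also carries `-p tcp` or `-p udp`. The resulting translations can be inspected with `conntrack -L`, which lists the original and reply tuples of each tracked flow.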