Help with understanding how IPTables work

 
 
Justin
      12-14-2004, 09:55 PM
Hi everyone!

I have scrutinized a fully working rc.firewall script I got from the internet, because I need to customize it to forward some ports to an internal server, but I got confused as to how iptables actually works.

The script SNATs all packets going out of my external iface, which makes perfect sense as I have 192.168.x.x addresses internally. But packets being forwarded from the internet to my internal network aren't being DNATted explicitly by the rc.firewall script, so where is the DNAT happening? Is it done by the IP forwarding chain? Or by this connection tracking thing?

This is how I think iptables works (please correct me if I got it wrong, thanks!):

Packet in==>Mangle==>Prerouting==>Routing==>Forward==>Postrouting==>Out

or Input

I also find something really quite strange: I have my ext iface connected to the ADSL modem, but the modem has a fixed address of 192.168.0.1. I can access that internally but I can't think why that should be; I thought 192.168.x.x addresses aren't supposed to be routed out? The script does forward all traffic going from int iface to ext iface, regardless of IP addresses, but if routing happens before the filtering table, surely such packets with class C destination IPs should never make it out?

Can someone help me clarify this, thanks!
Sorry if this is a troll-ish question, I'm quite new to networking :-P
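
The behaviour asked about above, as an added example that is not part of the original post or the rc.firewall script: netfilter evaluates the SNAT rule only for the first packet of a connection, and connection tracking reverses the stored mapping for replies, so no explicit DNAT rule is involved (a new inbound connection, such as a port forward, has no entry and does need one). The toy Python model below assumes constructed addresses and a hypothetical Nat class, and ignores source-port remapping.

```python
# Toy model of SNAT plus connection tracking. Constructed example, not netfilter code.
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")
EXT_IP = "203.0.113.10"  # constructed public address of the firewall


class Nat:  # hypothetical class for illustration
    def __init__(self, ext_ip):
        self.ext_ip = ext_ip
        self.orig = {}      # original packet tuple -> translated packet
        self.reply = {}     # expected reply tuple -> internal (ip, port)
        self.rule_hits = 0  # times the SNAT rule itself was evaluated

    def outbound(self, p):
        """LAN -> internet, at POSTROUTING."""
        if p in self.orig:            # known connection: reuse mapping, skip the rule
            return self.orig[p]
        self.rule_hits += 1           # first packet: the SNAT rule matches once
        out = p._replace(src=self.ext_ip)
        self.orig[p] = out
        # Record what the reply will look like on the wire.
        self.reply[Pkt(out.dst, out.dport, out.src, out.sport)] = (p.src, p.sport)
        return out

    def inbound(self, p):
        """Internet -> firewall, at PREROUTING (before the routing decision)."""
        hit = self.reply.get(p)
        if hit is None:
            return None               # no entry, no DNAT rule: nothing to rewrite
        return p._replace(dst=hit[0], dport=hit[1])  # automatic reverse of the SNAT


def demo():
    nat = Nat(EXT_IP)
    req = Pkt("192.168.1.20", 40000, "198.51.100.5", 80)
    out = nat.outbound(req)
    nat.outbound(req)                 # second packet of the same connection
    back = nat.inbound(Pkt("198.51.100.5", 80, EXT_IP, 40000))
    stray = nat.inbound(Pkt("198.51.100.9", 80, EXT_IP, 40000))  # unsolicited
    return out, back, stray, nat.rule_hits


if __name__ == "__main__":
    for item in demo():
        print(item)
```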


 
Davide Bianchi
      12-15-2004, 05:13 AM
On 2004-12-14, Justin <(E-Mail Removed)> wrote:
> confused as to how iptables actually works.


The IPTable-howto is quite clear.
Davide

--
Buy a Pentium III so you can reboot faster.
 
 
Andy Furniss
      12-15-2004, 01:02 PM
Justin wrote:

> Hi everyone!
>
> I have scrutinized a fully working rc.firewall script I got from the internet, because I need to customize it to forward some ports to an internal server, but I got confused as to how iptables actually works.


Have a look at the docs on www.netfilter.org
and the KPTD on www.docum.org

Andy.

 