What is the difference between Mangle Table & NAT Table?

You must know IPTables to understand routing properly. Once the concept and perspective of IPTables are clear, it becomes much easier to understand Linux routing and to write IPTables rules to create and configure the network you want. I will write a series of posts to explain the basic perspective of IPTables and clear up the confusion around it.

I have seen many people ask the same question over and over again about the difference between the Mangle Table and the NAT Table, and how the two relate. This short note is just to clear up the perspective on the Mangle and NAT tables in IPTables.

What is Mangling & NAT?

Mangling refers to modifying the IP packet. Any sort of modification of the packet can be called mangling. NAT refers only to address translation. Because address translation is also a modification of the packet, NAT is most certainly a kind of mangling in the broad sense.

So why are there two different tables for Mangle & NAT in IPTables?

In IPTables a packet enters the Mangle Table chains first and then the NAT Table chains. IPTables lets the NAT Table handle the address, and lets the Mangle Table handle the other, broader modifications that relate to QoS (Quality of Service). The Mangle Table contains 3 types of rules, namely: Type of Service, Time to Live & Mark Settings (I will write a detailed post about these later). The QoS is handled first and then the address, so the Mangle Table comes first and then the NAT Table.
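
The ordering described above, as an added example that is not part of the original post: a shell function that prints an iptables-restore ruleset in which the Mangle Table sets a mark, a TOS value and a TTL, and the NAT Table then translates the destination of the marked traffic. The interface name, port, mark value and addresses are constructed placeholders (192.0.2.0/24 is documentation address space).

```shell
#!/bin/sh
# Added example. Nothing is applied to the running firewall: the function
# only prints a ruleset in iptables-restore format.

WAN_IF="eth0"            # assumption: interface the traffic arrives on
BACKEND="192.0.2.10:80"  # assumption: internal server (documentation address)

emit_ruleset() {
    cat <<EOF
*mangle
:PREROUTING ACCEPT [0:0]
# Mark setting: tag inbound TCP/8080 so that later tables can match on it.
-A PREROUTING -i ${WAN_IF} -p tcp --dport 8080 -j MARK --set-mark 0x1
# Type of Service: request low latency for SSH.
-A PREROUTING -p tcp --dport 22 -j TOS --set-tos Minimize-Delay
# Time to Live: set the TTL to 64 on packets arriving on ${WAN_IF}.
-A PREROUTING -i ${WAN_IF} -j TTL --ttl-set 64
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
# Address translation only. The kernel runs mangle PREROUTING before nat
# PREROUTING, so the mark is already set when this rule is evaluated
# (the order of the sections in this file does not decide that).
-A PREROUTING -p tcp -m mark --mark 0x1 -j DNAT --to-destination ${BACKEND}
COMMIT
EOF
}

# Print the ruleset when the script is run directly.
emit_ruleset
```

As root, piping the output into `iptables-restore --test` parses the ruleset without committing it. Loading it for real without `--noflush` replaces the current contents of both tables.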

