Iptables have 3 tables: Filter, Nat, Mangle, with -t name selection.
Filter is the default table, there are three chains of INPUT, OUTPUT, FORWARD
NAT uses when the packet is established, there is preording, postrouting, Output three chains
Mangle uses when the packet changes, there is preording, Output two chains
Common objective:
Accept, Drop, Masquerade, Snat, DNAT
Snat can only be in the postrouting chain in the NAT table
DNAT can only in the preording and Output chain of the NAT table
Masquerade can only be in the postrouting chain in the NAT table
Several examples
iptables -t nat -a postrol 192.168.1.0/24 -j masquerade
iptables -t nat -a postrouting -s 10.8.164.1 -j snat --to-Source 10.8.164.2
