67 static struct nf_hook_ops nf_nat_ipv4_ops[] __read_mostly = {
68 /* Before packet filtering, change destination */
69 {
70 .hook = iptable_nat_ipv4_in,
71 .pf = NFPROTO_IPV4,
72 .hooknum = NF_INET_PRE_ROUTING,
73 .priority = NF_IP_PRI_NAT_DST,
74 },
75 /* After packet filtering, change source */
76 {
77 .hook = iptable_nat_ipv4_out,
78 .pf = NFPROTO_IPV4,
79 .hooknum = NF_INET_POST_ROUTING,
80 .priority = NF_IP_PRI_NAT_SRC,
81 },
82 /* Before packet filtering, change destination */
83 {
84 .hook = iptable_nat_ipv4_local_fn,
85 .pf = NFPROTO_IPV4,
86 .hooknum = NF_INET_LOCAL_OUT,
87 .priority = NF_IP_PRI_NAT_DST,
88 },
89 /* After packet filtering, change source */
90 {
91 .hook = iptable_nat_ipv4_fn,
92 .pf = NFPROTO_IPV4,
93 .hooknum = NF_INET_LOCAL_IN,
94 .priority = NF_IP_PRI_NAT_SRC,
95 },
96 };
97
iptables深入解析-nat篇
http://blog.chinaunix.net/uid-20786208-id-5145525.html