Learn something new every day
More Info... by email
Packet mangling is best described as the intentional modification of the information in the internet protocol (IP) packet header before it enters routing. This intentional change is not malicious, but is a process commonly used by network administrators.
When data is transmitted from one computer to another over the Internet, the information is sent in a data packet. The packet header contains the information about the sender and the receiver. It also contains information about the actual data being transmitted, which is called the payload.
Packet mangling is done through the network address translation (NAT) process. This process is used while the packet is moving across the traffic router. Within the NAT, the translation tables can be set up to modify the source IP address and the destination IP address fields automatically. This process is also called IP masking or network masquerading, and is one of the most commonly used functions of packet mangling.
The main table used in this process is called the mangle table. The mangle table contains five chains: pre-routing, input, forward, output and post routing. The packet comes into router and is checked against the mangle table pre-routing chain. From there, it is pushed through the network address translation table pre-routing chain. At this point, it is determined whether the packet is for you. If it is, the packet is routed to the mangle table and is processed through the input, forward and output routing processes, which ensures the packet arrives at its addressed destination.
There are various methods to modify the NAT settings and create the packet mangling tables. Netfilter is one such tool. This software is a well-known open source application used with Linux 2.4x to 2.6x for firewalling. Netfilter itself modifies the kernel modules to include callback functions for packages traveling in the network stack. Within Netfilter, iptables have been created to allow system administrators to configure the actual changes to the Linux 2.4x and 2.6x packet filtering rule set.
Packet mangling is a core function of the NAT process and is used to control the flow of data packets within a private network. It's also used to manage the packet header information for data packets sent via the Internet.
What is the main difference between the NAT table and the mangle table?