lloydroc/iptables_notes.txt

## iptables_notes.txt
# List them all
sudo iptables -v -t nat -L -n --line-numbers

# Create one in the nat table
sudo iptables -t nat -A POSTROUTING --source 172.17.0.3 --destination 172.17.0.3 -p udp -j MASQUERADE

# Delete one in the nat table
sudo iptables -t nat -D POSTROUTING 12
sudo iptables -t nat -D DOCKER 2

# Create a masquerading rule
sudo iptables -t nat -A POSTROUTING -p udp -s 172.17.0.3 --sport 162 -d 172.17.0.3 --dport 162 -j MASQUERADE

# Creating a DOCKER rule
sudo iptables -t nat -A DOCKER -p udp --dport 162 -d 10.10.202.11 -j DNAT --to 172.17.0.3:162
sudo iptables -t nat -A DOCKER -p udp --dport 162 -d 127.0.0.1 -j DNAT --to 172.17.0.3:162

# Watching interfaces
sudo tcpdump -i docker0 -T snmp -n dst portrange 161-162
sudo tcpdump -i eno1 -T snmp -n dst portrange 161-162

# Trace Rules
iptables -t raw -A DOCKER -p tcp --destination 10.10.202.10 --dport 162 -j TRACE
	# List them all
	sudo iptables -v -t nat -L -n --line-numbers

	# Create one in the nat table
	sudo iptables -t nat -A POSTROUTING --source 172.17.0.3 --destination 172.17.0.3 -p udp -j MASQUERADE

	# Delete one in the nat table
	sudo iptables -t nat -D POSTROUTING 12
	sudo iptables -t nat -D DOCKER 2

	# Create a masquerading rule
	sudo iptables -t nat -A POSTROUTING -p udp -s 172.17.0.3 --sport 162 -d 172.17.0.3 --dport 162 -j MASQUERADE

	# Creating a DOCKER rule
	sudo iptables -t nat -A DOCKER -p udp --dport 162 -d 10.10.202.11 -j DNAT --to 172.17.0.3:162
	sudo iptables -t nat -A DOCKER -p udp --dport 162 -d 127.0.0.1 -j DNAT --to 172.17.0.3:162

	# Watching interfaces
	sudo tcpdump -i docker0 -T snmp -n dst portrange 161-162
	sudo tcpdump -i eno1 -T snmp -n dst portrange 161-162

	# Trace Rules
	iptables -t raw -A DOCKER -p tcp --destination 10.10.202.10 --dport 162 -j TRACE