[CentOS] ip6tables equivalent for NAT?

Tue May 26 19:58:35 UTC 2020
Kenneth Porter <shiva at sewingwitch.com>

I figure that TCP is easy: Add a rule to the forward chain to allow SYN 
packets. There's already connection tracking to handle established 
connections. Does connection tracking handle UDP? If I allow all UDP 
from the LAN interface and one sends a DNS query from LAN to WAN, will 
the reply get back? I don't want to blanket authorize all UDP. ICMPv6, 
maybe, to allow traceroutes. Unless that's also handled by the tracking 
system.