[CentOS] ip6tables equivalent for NAT?

Tue May 26 20:03:42 UTC 2020
John Pierce <jhn.pierce at gmail.com>

yes, outbound UDP through the NAT layer adds an entry to the tracking table
which expires after some time.

this sorta explains it...

On Tue, May 26, 2020 at 12:59 PM Kenneth Porter <shiva at sewingwitch.com>

> I figure that TCP is easy: Add a rule to the forward chain to allow SYN
> packets. There's already connection tracking to handle established
> connections. Does connection tracking handle UDP? If I allow all UDP
> from the LAN interface and one sends a DNS query from LAN to WAN, will
> the reply get back? I don't want to blanket authorize all UDP. ICMPv6,
> maybe, to allow traceroutes. Unless that's also handled by the tracking
> system.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos

-john r pierce
  recycling used bits in santa cruz