You are converting a Linux host into an edge router. The external interface eth0 receives its public IPv4 address dynamically from the ISP, and the internal subnet 192.168.50.0/24 must reach the Internet through that single address using port translation. Which single iptables command correctly enables Port Address Translation for this situation?
Port Address Translation on a Linux gateway is typically implemented with the MASQUERADE target in the nat table's POSTROUTING chain. MASQUERADE rewrites the source address to whatever IP is currently assigned to the outgoing interface and, when necessary, also rewrites the source port so that multiple internal hosts can share one public address. It is designed for links that obtain a dynamic address via DHCP or PPP. The SNAT rule shown would work only if the external IP were static and therefore does not fit the scenario. The DNAT rule changes the destination address for inbound traffic, which is unrelated to PAT. The FORWARD-chain rule merely permits packets to pass; it performs no address or port translation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the MASQUERADE target in iptables?
Open an interactive chat with Bash
What is the difference between MASQUERADE and SNAT in iptables?
Open an interactive chat with Bash
Why is the POSTROUTING chain used for NAT in iptables?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access