The term "mangling" might lead people to think of it as something malicious, but packet mangling is nothing like that at all. Packet mangling refers to the process of intentionally altering data in IP packet headers before or after the routing process.
Well, not all fields of the IP packet header can be modified in the mangle table, but that is not necessary.
Let's recall what an IP packet header looks like:
We have already discussed NAT, where we saw that we can "mangle" a packet by modifying the Source IP address and Destination IP address fields of the IP header. This mangling of packets is done only with NAT and is a part of the NAT process.
So, using the mangle table of netfilter we can modify the following two fields:
TOS: the 8-bit Type Of Service field
TTL: the 8-bit Time To Live field
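To make the two fields concrete, here is an added example (not code from the original page or from netfilter) that rewrites TOS and TTL in a raw IPv4 header and recomputes the header checksum, which covers both fields. The function names and the sample packet are constructed for illustration.

```python
import struct
from typing import Optional

# Byte offsets inside the IPv4 header (RFC 791)
TOS_OFFSET, TTL_OFFSET, CSUM_OFFSET = 1, 8, 10

def header_len(pkt: bytes) -> int:
    """Return the IPv4 header length in bytes (IHL field * 4)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(pkt):
        raise ValueError("bad IHL")
    return ihl

def checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by the IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mangle(pkt: bytes, tos: Optional[int] = None,
           ttl: Optional[int] = None) -> bytes:
    """Return a copy of pkt with TOS and/or TTL rewritten, checksum fixed."""
    ihl = header_len(pkt)
    hdr = bytearray(pkt[:ihl])
    for offset, value in ((TOS_OFFSET, tos), (TTL_OFFSET, ttl)):
        if value is not None:
            if not 0 <= value <= 0xFF:
                raise ValueError("TOS and TTL are 8-bit fields")
            hdr[offset] = value
    # The checksum is computed with its own field zeroed, then stored.
    hdr[CSUM_OFFSET:CSUM_OFFSET + 2] = b"\x00\x00"
    struct.pack_into("!H", hdr, CSUM_OFFSET, checksum(bytes(hdr)))
    return bytes(hdr) + pkt[ihl:]

def header_valid(pkt: bytes) -> bool:
    """A header is intact when the sum over it, checksum included, is 0."""
    return checksum(pkt[:header_len(pkt)]) == 0

# Constructed sample: 20-byte header, TOS 0, TTL 64, 192.0.2.1 -> 198.51.100.7
SAMPLE = mangle(bytes.fromhex("450000140001000040060000c0000201c6336407"))

if __name__ == "__main__":
    out = mangle(SAMPLE, tos=0x10, ttl=1)
    print(out.hex(), header_valid(out))
```

Changing either byte without updating the checksum leaves a header that receivers will discard, which is why the rewrite and the checksum update go together.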
iptables can also set a mark on IP packets that can be used internally by iproute2 for source routing and/or QoS with tc. This internal mark, called nfmark (netfilter mark), doesn't alter...