Netfilter-packet-flow.svg
调试网络的方法:(Debugging the kernel using Ftrace)
$ watch -n1 -d sudo cat /proc/net/dev
1. $ sudo mount -t debugfs nodev debug
2. $ echo ip_rcv > set_graph_function
3. $ echo function_graph > current_tracer
4. $ echo 0 > tracing_on turn off trace, default is on
5. all log is on trace file
更多的文章,请看 内核目录下面的 $ ls Documentation/trace/events.txt Documentation/trace/tracepoints.txt
有关 IP forwarding
https://en.wikipedia.org/wiki/IP_forwarding
http://unix.stackexchange.com/questions/14056/what-is-kernel-ip-forwarding
各种使能IP forwarding的方法
http://www.ducea.com/2006/08/01/how-to-enable-ip-forwarding-in-linux/
IPtables中SNAT和MASQUERADE的区别
http://soft.zdnet.com.cn/techupdate/2008/0317/772069.shtml
http://blog.163.com/qk_zhu/blog/static/195076154201162795311632/
nat_tutorial
http://www.karlrupp.net/en/computer/nat_tutorial
redhat firewall
Port forward with iptables
介绍了local process的处理过程
https://serverfault.com/questions/646522/port-forward-with-iptables
