1. root@cloudy:~# iptables -t nat -nvL
  2. Chain PREROUTING (policy ACCEPT 29 packets, 6703 bytes)
  3. pkts bytes target prot opt in out source destination
  4. 29 6703 nova-network-PREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  5. 29 6703 nova-compute-PREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  6. 29 6703 nova-api-PREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  8. Chain INPUT (policy ACCEPT 29 packets, 6703 bytes)
  9. pkts bytes target prot opt in out source destination
  11. Chain OUTPUT (policy ACCEPT 107 packets, 6941 bytes)
  12. pkts bytes target prot opt in out source destination
  13. 109 7085 nova-network-OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
  14. 107 6941 nova-compute-OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
  15. 107 6941 nova-api-OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
  17. Chain POSTROUTING (policy ACCEPT 109 packets, 7085 bytes)
  18. pkts bytes target prot opt in out source destination
  19. 109 7085 nova-network-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  20. 109 7085 nova-compute-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  21. 109 7085 nova-api-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
  22. 109 7085 nova-postrouting-bottom all -- * * 0.0.0.0/0 0.0.0.0/0
  23. 0 0 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
  24. 0 0 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
  25. 0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
  27. Chain nova-api-OUTPUT (1 references)
  28. pkts bytes target prot opt in out source destination
  30. Chain nova-api-POSTROUTING (1 references)
  31. pkts bytes target prot opt in out source destination
  33. Chain nova-api-PREROUTING (1 references)
  34. pkts bytes target prot opt in out source destination
  36. Chain nova-api-float-snat (1 references)
  37. pkts bytes target prot opt in out source destination
  39. Chain nova-api-snat (1 references)
  40. pkts bytes target prot opt in out source destination
  41. 109 7085 nova-api-float-snat all -- * * 0.0.0.0/0 0.0.0.0/0
  43. Chain nova-compute-OUTPUT (1 references)
  44. pkts bytes target prot opt in out source destination
  46. Chain nova-compute-POSTROUTING (1 references)
  47. pkts bytes target prot opt in out source destination
  49. Chain nova-compute-PREROUTING (1 references)
  50. pkts bytes target prot opt in out source destination
  52. Chain nova-compute-float-snat (1 references)
  53. pkts bytes target prot opt in out source destination
  55. Chain nova-compute-snat (1 references)
  56. pkts bytes target prot opt in out source destination
  57. 109 7085 nova-compute-float-snat all -- * * 0.0.0.0/0 0.0.0.0/0
  59. Chain nova-network-OUTPUT (1 references)
  60. pkts bytes target prot opt in out source destination
  61. 0 0 DNAT udp -- * * 0.0.0.0/0 10.20.0.1 udp dpt:1000 to:192.168.1.2:1194
  62. 2 144 DNAT all -- * * 0.0.0.0/0 XXX.YYY.ZZZ.230 to:192.168.1.3
  64. Chain nova-network-POSTROUTING (1 references)
  65. pkts bytes target prot opt in out source destination
  66. 0 0 ACCEPT all -- * * 192.168.0.0/24 10.20.0.1
  67. 0 0 ACCEPT all -- * * 192.168.0.0/24 10.128.0.0/24
  68. 0 0 ACCEPT all -- * * 192.168.0.0/24 192.168.0.0/24 ! ctstate DNAT
  70. Chain nova-network-PREROUTING (1 references)
  71. pkts bytes target prot opt in out source destination
  72. 0 0 DNAT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 to:10.20.0.1:8775
  73. 0 0 DNAT udp -- * * 0.0.0.0/0 10.20.0.1 udp dpt:1000 to:192.168.1.2:1194
  74. 0 0 DNAT all -- * * 0.0.0.0/0 XXX.YYY.ZZZ.230 to:192.168.1.3
  76. Chain nova-network-float-snat (1 references)
  77. pkts bytes target prot opt in out source destination
  78. 0 0 SNAT all -- * * 192.168.1.3 0.0.0.0/0 to:XXX.YYY.ZZZ.230
  80. Chain nova-network-snat (1 references)
  81. pkts bytes target prot opt in out source destination
  82. 109 7085 nova-network-float-snat all -- * * 0.0.0.0/0 0.0.0.0/0
  83. 0 0 SNAT all -- * * 192.168.0.0/24 0.0.0.0/0 to:XXX.YYY.ZZZ.226
  85. Chain nova-postrouting-bottom (1 references)
  86. pkts bytes target prot opt in out source destination
  87. 109 7085 nova-network-snat all -- * * 0.0.0.0/0 0.0.0.0/0
  88. 109 7085 nova-compute-snat all -- * * 0.0.0.0/0 0.0.0.0/0
  89. 109 7085 nova-api-snat all -- * * 0.0.0.0/0 0.0.0.0/0