packet mangling

Packet mangling is the modification of packets at a packet-based network interface before and/or after routing. The term "mangling" is misleading, because to some people it suggests malicious intent. In this context, the term "mangling" refers only to the intentional alteration of the data in a packet header for a specific constructive purpose.

Packet mangling is used in conjunction with packet filtering and in Network Address Translation (NAT); it can also be part of a firewall program. The process is sometimes used to prioritize network traffic by changing Type of Service (ToS) values in packet headers and to label a packet for a particular user space application.

Linux utilities netfilter and iptables facilitate packet mangling, as well as packet filtering and NAT.

This was last updated in September 2005

Dig Deeper on Network Security Best Practices and Products