Adicionei apenas algumas regras aos pacotes LOG que passam pelas cadeias OUTPUT, mas nada passa pela tabela NAT. Fica claro aqui no contador de cadeias de tabelas NAT (cujos contadores são zero):
sudo iptables-save
# Generated by iptables-save v1.8.4 on Tue Feb 13 03:49:55 2024
*raw
:PREROUTING ACCEPT [197:319667]
:OUTPUT ACCEPT [178:12147]
COMMIT
# Completed on Tue Feb 13 03:49:55 2024
# Generated by iptables-save v1.8.4 on Tue Feb 13 03:49:55 2024
*mangle
:PREROUTING ACCEPT [197:319667]
:INPUT ACCEPT [197:319667]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [178:12147]
:POSTROUTING ACCEPT [178:12147]
COMMIT
# Completed on Tue Feb 13 03:49:55 2024
# Generated by iptables-save v1.8.4 on Tue Feb 13 03:49:55 2024
*filter
:INPUT ACCEPT [1491:3438016]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1687:231563]
-A OUTPUT -j LOG --log-prefix "SEP [filter-OUTPUT] "
COMMIT
# Completed on Tue Feb 13 03:49:55 2024
# Generated by iptables-save v1.8.4 on Tue Feb 13 03:49:55 2024
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:test - [0:0]
-A OUTPUT -j LOG --log-prefix "SEP [nat-OUTPUT] "
COMMIT
# Completed on Tue Feb 13 03:49:55 2024
Também habilitei o encaminhamento de IP ipv4 da seguinte forma:
sudo sysctl -w net.ipv4.ip_forward=1
Mas o problema ainda existe.