Hi all, Currently, the DNPT target is restricted to the mangle table; this means that it is effectively impossible to utilise NPT in tandem with conntrack since it's impossible to rewrite the destination prefix prior to conntrack taking a look at the skb. Please consider allowing the use of DNPT from the raw table so that it's possible to do prefix translation without having to forego the benefits of conntrack. Kind Regards, Oliver -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
