Oliver <olipro@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > Currently, the DNPT target is restricted to the mangle table; this means that > it is effectively impossible to utilise NPT in tandem with conntrack since it's > impossible to rewrite the destination prefix prior to conntrack taking a look > at the skb. Could you please elaborate? Shouldn't conntrack rather be disabled for such flows? Where do you put the SNPT rules? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
