Hi all, This is my first post to the list, so please bare with me. I have a requirement here. Is there possible to create a purely NAT iptables rules for certain IP addresses? What I means here is I want to enable stateful filtering for most of the all of the users except certain IP address/subnet. Stateful filtering is good sometime, bu not all the time, when you really want to do portscaning activities from a machine that sit behind the firewall. Any idea. .//Jet
