> Sorry if this question has been asked before, but: > > > Is there any good reasons, technically or political, to disallow the REJECT > target in the PREROUTING table? The PREROUTING chain is in nat and mangle tables. REJECT is supposed to be used in filter table; Do filtering only there. Nat is supposed to be used for address translation, and mangle for just mangling. That's the short answer. This question indeed has been asked on the list, please look it up for a more detailed answer if you wish. Regards, Maciej Soltysiak
