Hello netfilter, Holy christ, i relied i could REJECT packets in any table, but unfortunately after launching the program i was working on i got ugly 'iptables: Invalid argument' after executing `iptables -A PREROUTING -t mangle .. -j REJECT` why cant i put -j REJECT in the PREROUTING chain of mangle table? Manual says it makes no sense, but it makes sense for me. I mark certain packets (-j MARK) in the mangle table, and those which are not marked should be REJECTed. The only way, i think, i can solve it is using FORWARD and INPUT chains of the filter table. Match any not marked packets in these chains and REJECT from there. But this adds some extra time (packet has to traverse other chain) and i have to duplicate the rules (because of putting on both INPUT and FORWARD). Is there a patch or smth to this problem, or it cant be done (REJECT in mangle)? P.Krumins
