Hi - I'm trying to do some firewalling on every packet that goes through our firewall. We're doing our filtering in the PREROUTING chain (not recommended, I realize), because we must do our firewalling to determine whether we need to NAT a request. There are times when the NAT PREROUTING chain is bypassed, and I'm not exactly sure why. The docs say that "it will be bypassed in certain cases," however I cannot determine what these cases are. Why are the packets getting sent past the NAT PREROUTING chain? Is there a way to send all of the data through this chain? Regards, Paul
