Le mar 06/04/2004 à 20:16, Antony Stone a écrit : > <Pedantic response> > Because PREROUTING is a nat table, and nat tables are for Network Address > Translation. FORWARD and INPUT are filter tables (the default if you don't > specify in iptables rules), and that's where filtering operations such as > DROP, REJECT, ACCEPT should be done. > </Pedant> Well, for nat table don't see all packets, only new ones, one could use mangle table... But it's the same, mangle table is for mangling, not filtering. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
