As long as you can "catch" it in FORWARD, i see no reason to catch it in POSTROUTING, but if you still want this, try that iptables -t mangle -A FORWARD -j MARK --set-mark 0x1 iptables -t nat -A POSTROUTING -m mark --mark 0x1 .... do stuff On Mon, 16 Aug 2004 03:57:59 +0200, Marcin Sura <slacklist@xxxxx> wrote: > Hello > > I have lan (10.0.0.0/8) and server (10.1.1.1 for lan, dynamic ip > from my ISP). I use MASQUERADE to allow lan computer connects to > internet. eth0 connects to lan, ppp0 for internet. > > All traffic lan <--> internet passes through FORWARD chain. How > can I "catch" this traffic in POSTROUTING chain? > > -- > Pozdrawiam > Marcin mailto:slacklist@xxxxx > > -- Bla bla
