> is it possible that $REAL_IP is a local IP address on the
> machine running netfilter? the reason i ask is that the
> packet counters on the FORWARD chain are zero (whereas INPUT
> and OUTPUT are over 40000).

Unfortunately, it is not. Really weird, since packets are correctly DNAT'ed _before_ going through the filter rules, then the kernel should detect that they are not intended for it, neh?

I tried tcpdump'ing the $REAL_IP and $REAL_PORT, but then nothing matched the filter.

I must have forgotten one thing, since _it worked_ in the past!! :'(

Thanks for your help!

> -j
>
> --
> Jason Opperisano <opie@xxxxxxxxxxx>