How can I debug, what happens after mangle PREROUTING. Can I do it only for packets with src port set to 25? to get a "clear" output? On Tue, 18 Jan 2005 16:17:42 -0500 (EST), Samuel Jean <sj-netfilter@xxxxxxxxxxxxxxxx> wrote: > > That's another doubt, dos nat PREROUTING called with syn+ack > > packets, or only with sym packets? > > the nat table is special, it only sees the first packet > of a connection. > > All other subsequent packet of this connection get verdict via > the conntrack. (bypass NAT chains) > So this conntrack entry is created while my syn packet is going out.... Can something wrong happening here, and conntrack gives the wrong veridict? > > Samuel > > -- - Ulysses Almeida
