> > Doesn't EVERY incoming packet go through PREROUTING?? And hence, > > the rule above will be applied to ALL incoming packets right?!? > > your statement is true for -t mangle PREROUTING, -t nat is not traversed > by every packet, no. Whoa! I didn't know that there is a PREROUTING for //both// mangle and nat tables!!! So mangle PREROUTING for all packets and net PREROUTING only for NEW state packets. Beautiful!!! Now I get it!!! Thanks again for the help! Chris
