Re: Filtering in the nat table

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: Filtering in the nat table
From: Jason Opperisano <opie@xxxxxxxxxxx>
Date: Tue, 22 Mar 2005 11:29:04 -0500
In-reply-to: <20050322160638.GA347@ikkoku.ath.cx>
Mail-followup-to: Jason Opperisano <opie@xxxxxxxxxxx>, netfilter@xxxxxxxxxxxxxxxxxxx
References: <20050322160638.GA347@ikkoku.ath.cx>
Sender: netfilter-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.1i

On Tue, Mar 22, 2005 at 05:06:39PM +0100, Toby wrote:
> Dear netfilter users,
> 
> 	I've found it handy to put filtering rules in the nat table,

<--snip-->

do *NOT* filter in the nat table.  only --state NEW packets ever traverse
the nat table.

if you want to filter packets pre-filter table, do it in mangle.

-j

Follow-Ups:
- Re: Filtering in the nat table
  - From: Toby

References:
- Filtering in the nat table
  - From: Toby

Prev by Date: Filtering in the nat table
Next by Date: Re: Filtering in the nat table
Previous by thread: Filtering in the nat table
Next by thread: Re: Filtering in the nat table
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux