On Thu, 10 Nov 2005 14:44:53 +0200, Adam Rosi-Kessel <adam@xxxxxxxxxxxxxxx> wrote: > George Alexandru Dragoi wrote: >> Better use mangle table, all packets traverse it. And doesn't require >> conntrack. > > But I can't do DNAT in mangle, right? You cannot. nat and mangle are two different chains. "Note that the DNAT target is only available within the PREROUTING and OUTPUT chains in the nat table" from http://iptables-tutorial.frozentux.net/iptables-tutorial.html#DNATTARGET -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com
