Hi, On Tuesday 14 February 2006 10:34, Keserű Kornél wrote: > I'm using iptables (v1.3.4 on a 2.6.15.3 kernel) in order to NAT > incoming UDP packets arriving on a single IP:port (1-1 rules in PRE- > and POSTROUTING chains in the nat table). I found out that packets are Why do you need two rules here? Redirecting incoming UDP packets to a single IP:port has nothing to do with POSTROUTING, it's a single rule on PREROUTING. > How could I find out, why are the packets lost? Is there a log entry > somewhere that says if an UDP packet was dropped because of... ? Try monitoring /proc/net/stat/ip_conntrack. I guess the number you find in the insert_failed column will match the number of dropped packets. -- KOVACS Krisztian
