On 10/15/06, Martijn Lievaart <m@xxxxxxx> wrote:
Create a seperate rule in FORWARD that jumps to an empty chain. Put this rule before the -m state rule(s).
I will try to guess that by FORWARD you mean the filter FORWARD chain (as opposed to mangle FORWARD), & the empty chain that you're referring to is a user-defined chain, but I didn't get what you eman by "the -m state rule" since in my example I didn't use the state module. But in any case, doesn't the FORWARD chain only accounts for forwarded packets through the machine. What about locally generated packets? Thanks
