Kamal írta:
This is one way, but isn't there a more graceful way other than
putting duplicate entries in NAT POSTROUTING & mangle POSTROUTING.
Thanks
Hmm... I do not understand you clearly... What do you mean "more
graceful"... ? :)
1. You may do some changes on the packets... (SNAT/DNAT, etc...)
2.a. You have to mark or identify the packets you want to count in other
chains ... (MARK target or direct rules)
2.b. You can use the mangle POSTROUTING chain for counting specified
packets because this is the "last" chain BEFORE every packet leaves the
system.
(I know that there is a "raw" table...)
So... How do you want to do it "more graceful" ?
Swifty
