Thanks Georgi, I don't think I'd found this before although I do recognise parts of it.

One question arises - in Ch 6 it says connection tracking (coming in) happens between raw and mangle tables, but in Ch 7 it says it's handled in PREROUTING.

I'm still left with the "filter in filter table is how it was designed" but nothing deeper (to answer the "use the source" response in advance, I certainly don't have the time and I doubt I'd manage to make enough sense of it either). Also, the description of the filter table also says that you may do prior filtering ...

Cheers,
George.

> george wrote:
> <snip>
> > Can anyone explain this to me, or point me somewhere that will tell me
> > please. I haven't found anything other than a simple statement
> > anywhere.
>
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html#TRAVERSINGOFTABLES
>