Hi, On Thu, 2008-11-13 at 18:11 +0100, Pascal Hambourg wrote: > Michael a écrit : > > I'm having some issues using the quota module in the PREROUTING table. > > There is no such table. Do you mean the PREROUTING _chain_ in the 'nat' > table ? Yes. > > As far as I can tell, not all packets are actually hitting my quota > > rules. Instead only new connections seem to be managed correctly - > > subsequent and return packets are unaffected, and thus uncounted. > > This looks like the normal behaviour of the 'nat' table. Okay. Thanks for the clarification. So I will have to implement some rules in the filter table. As far as I can tell, though, the only way to share a quota counter between rules in the nat table and filter table is to implement it in userspace. Is this correct? Thanks, --michael -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
