On Wed, 28 Apr 2010, Bill Prochazka wrote: > A more simple example is that ICMP echo requests > go out the nat table's output chain, but ICMP echo replies do not. The incoming ICMP echo-request (should be visible in PREROUTING) sets up a conntrack entry, the outgoing echo-reply matches to it and thus does not show up in nat OUTPUT/POSTROUTING. c'ya sven-haegar -- Three may keep a secret, if two of them are dead. - Ben F. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
