>>the outgoing echo-reply matches to it and thus does > not show up in nat OUTPUT/POSTROUTING. Does echo reply will show up in nat PREROUTING chain ? Thanks, Ratheesh On Thu, Apr 29, 2010 at 2:25 AM, Sven-Haegar Koch <haegar@xxxxxxxxx> wrote: > On Wed, 28 Apr 2010, Bill Prochazka wrote: > >> A more simple example is that ICMP echo requests >> go out the nat table's output chain, but ICMP echo replies do not. > > The incoming ICMP echo-request (should be visible in PREROUTING) sets up > a conntrack entry, the outgoing echo-reply matches to it and thus does > not show up in nat OUTPUT/POSTROUTING. > > c'ya > sven-haegar > > -- > Three may keep a secret, if two of them are dead. > - Ben F. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
