On 07.11.2010 17:10, Pascal Hambourg wrote:does anyone know a way to
solve this
You can mark the packets (-j MARK) or the connection (-j CONNMARK) in
mangle/OUTPUT before DNAT, and match the packet mark (-m mark) or
connection mark (-m connmark) in nat/POSTROUTING.
Or you can use -m conntrack --ctorigdst to match the original
destination address.
After playing around some time to see how to use and how it works - it
does exactly what i need
Thanks
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
