On Thursday 2011-01-27 23:13, E2IA wrote: >Thank very much but it doesn't work because the 128.0.0.0/8 doesn't >pass through my box. Networks don't pass. Packets do. And from the looks of it, of course you _will_ get packets from 128.0.0.0/8. Simply because 192.168.2.0/24 and 172.16.2.0/24 is included in 128.0.0.0/8. >>> rule 1: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>> -j ACCOUNT --addr Â192.168.2.0/24 Â--tname http >>> rule 2: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>> -j ACCOUNT --addr Â172.16.2.0/24  Â--tname http -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
