On Thursday 2011-01-27 23:23, Jan Engelhardt wrote: >On Thursday 2011-01-27 23:13, E2IA wrote: > >>Thank very much but it doesn't work because the 128.0.0.0/8 doesn't >>pass through my box. > >Networks don't pass. Packets do. And from the looks of it, of course >you _will_ get packets from 128.0.0.0/8. > >Simply because 192.168.2.0/24 and 172.16.2.0/24 is included in >128.0.0.0/8. Er, not for 128.0.0.0/8. That should have been 128.0.0.0/1. >>>> rule 1: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>>> -j ACCOUNT --addr Â192.168.2.0/24 Â--tname http >>>> rule 2: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>>> -j ACCOUNT --addr Â172.16.2.0/24  Â--tname http -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
