Right I'm about to make one table per subnet. And I'd like to know if there is a limitation for table number. regards. 2011/1/27 Jan Engelhardt <jengelh@xxxxxxxxxx>: > On Thursday 2011-01-27 23:23, Jan Engelhardt wrote: > >>On Thursday 2011-01-27 23:13, E2IA wrote: >> >>>Thank very much but it doesn't work because the 128.0.0.0/8 doesn't >>>pass through my box. >> >>Networks don't pass. Packets do. And from the looks of it, of course >>you _will_ get packets from 128.0.0.0/8. >> >>Simply because 192.168.2.0/24 and 172.16.2.0/24 is included in >>128.0.0.0/8. > > > Er, not for 128.0.0.0/8. ÂThat should have been 128.0.0.0/1. > > >>>>> rule 1: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>>>> -j ACCOUNT --addr Â192.168.2.0/24 Â--tname http >>>>> rule 2: Âiptables Â-t mangle  -A ÂPOSTROUTING  -m mark --mark Â123 >>>>> -j ACCOUNT --addr Â172.16.2.0/24  Â--tname http > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at Âhttp://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
