On Fri, 13 Jan 2012 09:17:21 -0600, Dimitri Yioulos <dyioulos@xxxxxxxxxxxxx> wrote:
Not to throw a proverbial wrench in the works, but in my case there is NAT for the DMZ hosts.
I don't have time to elaborate now, but I think you will have to use connection marking (as in my previous post). I'll reply more in depth later. Regards -- Lloyd -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
