On 05/14/2013 11:27 AM, krzf83@xxxxxxxxx wrote:
Unfortunetly postrouting has not DNAT (only SNAT).
Oops.. I missed that.
I figured only option is to rewrite all filters with conntrack and --ctorigdst --ctorigdstport, but contrack has to iprange. Only other option is to put filter rules in raw or mangle table. Both require huge rewrite of filter rules and thats only because iptables can't filter before DNAT :/ weird.
I think, if you give more details about your setup, people can help. Regards, Vignesh -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
