> Traffic going over loopback seems to be handled in a special way
> with the TRACE target.

It's considered looped back even though there's never any 127.0.0.1 addresses? Ah well, I was afraid it would be something like that. Your suggested workaround sounds fine. This behavior feels weird though. Should I update the diagram with a dotted line conditionally skipping nat:PREROUTING?