> >On 07.10.08 16:09, Amos Jeffries wrote: > >>Your current rule is restricting the REDIRECT to specific interface and > >>0.0.0.0 source. not sure host that 0.0.0.0 bit works. > Matus UHLAR - fantomas wrote: > >It probably has to be 0.0.0.0/0 which matches ALL IP's. 0.0.0.0/24 matches > >only 0.0.0.* which is nearly the same as nothing. On 08.10.08 00:27, Amos Jeffries wrote: > Can www get any confirmation on that. Because I thought the -s meant > source-IP. And the 0.0.0.0/8 range are invalid bogons. It only makes > sense as you say as an inverted mask. > > The issue could be the eth2 setting. > Or if you are right about the 0.0.0.0/24, Matus, that bit may need > changing to 0.0.0.0/16 or similar to catch more subnets. I guess that had to be "0.0.0.0/0" in the meaning of "no matter what's the source IP" as long as the selector was specified by -i option. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name.