[wplug] IP forwarding with iptables--ARGH!

James O'Kane jo2y at midnightlinux.com
Wed Feb 11 20:20:05 EST 2004


On Wed, 11 Feb 2004, Tim Lesher wrote:
> It appears that you *just* *can't* port-forward a packet sent from a
> local connection, because the kernel doesn't look at the nat table for
> locally-generated packets, and you can't mangle the packet from the
> filter table.

Most likely because they go through the OUTPUT chain, as there isn't a
routing decision. Or something like that.

-james




More information about the wplug mailing list