Nikolay Nikolaev wrote:
Hi.
-j IMQ is equal -j ACCEPT...? i mean it after -j IMQ packet don't return
in parent chain??? cause -j ACCEPT action accept the packet in the child
chain and don't return it to parent...
example:
ipt="iptables -t mangle"
$ipt -N HTTP
$ipt -A HTTP -j IMQ // after this packet packets go to -t nat tables?
or // it return to parent chain (PREROUTING) in mangle?
$ipt -N OTHER
$ipt -A OTHER -j IMQ
$ipt -A PREROUTING [expression] -j HTTP
$ipt -A PREROUTING -j OTHER
all this I do for ingress traffic.
thx.
I don't think -j IMQ is terminating as an iptables rule.
Whether it sees packets before / after (de)nat in prerouting depends on
the kernel config options and gets logged for 2.6s. For 2.4s there is a
patch to make it hook after nat.
Andy.
_______________________________________________
LARTC mailing list
[email protected]
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
