Mr. Fischer,
--- Karl Fischer <[EMAIL PROTECTED]> wrote:
>
> general question
>
> Hi All,
>
> I remember reading something about filtering in PREROUTING CHAINS,
> however, unfortunately I can't find it anymore ...
>
> Somebody said that it's not recommended to filter in PREROUTING,
> it's recommended to filter in input/forward instead ...
>
> Is there any truth in it?
There is some truth to that statement, but it's not entirely correct.
> Any reason?
IMO the reason was that the filter table was supposed to be used for
filtering, and not the PREROUTING chains of either the mangle or nat tables.
I think this was because of cleanliness issues or something; I don't remember
exactly. However, if you need to filter traffic that will either go directly
to your system (INPUT) or through it (FORWARD) and want to do it as early
as possible, then you can use mangle PREROUTING.
>
> Many thanks
>
> - Karl
>
Brad
=====
Brad Chapman
Permanent e-mail: [EMAIL PROTECTED]
Current e-mail: [EMAIL PROTECTED]
Alternate e-mail: [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com
