On Mon, Jun 10, 2002 at 09:06:41AM -0700, Jack Bowling wrote: > ** Reply to message from Antony Stone <[EMAIL PROTECTED]> on Mon, 10 Jun >2002 13:18:12 +0100 > > > > On Monday 10 June 2002 12:45 pm, [EMAIL PROTECTED] wrote: > > > > > :) this is really not the problem, now I am logging all packets, no adress > > > > > > specification ;) > > > > > > -A POSTROUTING -p icmp -m icmp --icmp-type 3/4 -j LOG --log-prefix "icmp > > > SNAT POST " > > > > Hmmm. Okay - this is beyond my understanding of netfilter - can anyone else > > suggest why icmp packets going through the machine would get logged and > > processed by PREROUTING and FORWARD but not by POSTROUTING ? > > Wouldn't hurt to add the interface(s).
Absolutely!! You omit the -i/-o switches only when you _really_ don't care about the direction of the packet flow. Ramin > jb > > -- > Jack Bowling > mailto: [EMAIL PROTECTED]
