From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ulysses Almeida Subject: Re: Two links and a SMTP sever. Date: Tue, 18 Jan 2005 18:14:18 -0300 Message-ID: References: <26550.142.169.215.10.1106081679.squirrel@142.169.215.10> <28693.142.169.215.10.1106083062.squirrel@142.169.215.10> Reply-To: Ulysses Almeida Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <28693.142.169.215.10.1106083062.squirrel@142.169.215.10> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-bounces@lists.netfilter.org Errors-To: netfilter-bounces@lists.netfilter.org Content-Type: text/plain; charset="us-ascii" To: Samuel Jean Cc: netfilter@lists.netfilter.org How can I debug, what happens after mangle PREROUTING. Can I do it only for packets with src port set to 25? to get a "clear" output? On Tue, 18 Jan 2005 16:17:42 -0500 (EST), Samuel Jean wrote: > > That's another doubt, dos nat PREROUTING called with syn+ack > > packets, or only with sym packets? > > the nat table is special, it only sees the first packet > of a connection. > > All other subsequent packet of this connection get verdict via > the conntrack. (bypass NAT chains) > So this conntrack entry is created while my syn packet is going out.... Can something wrong happening here, and conntrack gives the wrong veridict? > > Samuel > > -- - Ulysses Almeida