We've got ACLs up the wazoo in front of us and stateful devices too; I just need two netfilter boxes in front of a server farm doing packet filtering nice and fast. Load balancing is being taken care of by a couple of BigIPs. I can't seem to find an example of anything other than masq/NAT for home or SOHO iptables implementations, and I am not having luck hacking up existing scripts. Does anyone use NetFilter in an ISP or campus enterprise setup? I like NAT and the D/SNAT features of NetFilter, I just don't need them for this project... Anybody got some clues for me?
tia/ Brian
