tor 2008-04-03 klockan 18:08 +1300 skrev Amos Jeffries: > If squid is running on this same box I would recommend the REDIRECT > target instead of DNAT. It's less work for the kernel.
Actually REDIRECT is more work than DNAT as it has to look up the primary IP of the incoming interface and dynamically construct the DNAT rule.. Regards Henrik who have hacked a bit too much on Netfilter/Iptables in previous lives
