Hi all,

I _think_ the attached picture shows all the predefined chains in all
the tables that the kernel uses in the order that it uses them (except
for the raw table).

1) Is anything wrong?
2) Where does the raw table fit?
3) What happens if you use NOTRACK.
4) Is there anything else that can make a packet deviate (cf: DROP)

This seems the best place to get a real answer. There are lots of answers 
on google, but they all seem to be partial or even (occasionally) wrong. :-(

Even the netfilter website doesn't seem to have a BIG picture ... does it?

-- 
Rob.                          (Robert de Bath <robert$ @ debath.co.uk>)
                                              <http://www.debath.co.uk/>