hi all
how to dnat every nth (or random) connection to remote http server TO to my http server?
to do it I need to catch syn (another words state NEW) packet but in NAT section there is not such an option.
I’m not sure it is possible with destination NAT, (I mean redirection to specific web-server), it is possible either with
- static DNS entries;
- proxy access rules.
create a packet mark for every nth packet you want with mangle, then use packet mark in your dstnat (you may need the NOT statement here depending on your existing nats)
and that is correct becouse mangle is traveled first 
THX