but the diagram is for iptables ipchains, do for ex a pachet that traverse the router: net -> input chain -> routing -> forward chain -> output chain if i remember well and for the iptables see a great picture :-) at : http://people.unix-fu.org/andreasson/iptables-tutorial/images/tables_traverse.jpg C Julian Anastasov wrote: > Hello, > > On Mon, 17 Jun 2002, Leonardo Balliache wrote: > > >>This diagram, subject to discusion and improvement for more experimented >>people in the list to be depurated, can help to clarify things: >> >> >> Network >> -----------+----------- >> | >> +-------+------+ >> | mangle | >> | PREROUTING | >> +-------+------+ >> | >> +-------+------+ Policy rule database >> | PRDB | <- controlled by ip rule >> +-------+------+ >> | >> +-------+------+ >> | nat | >> | PREROUTING | >> +-------+------+ >> | >> packet is for +-------+------+ packet is for >> this address | ROUTING | another address >> +--------------+ DECISION ? +---------------+ >> | +--------------+ | >> +-------+------+ | >> | filter | | >> | INPUT | | >> +-------+------+ | >> | | >> +-------+------+ | >> | Local | | >> | Process | | >> +-------+------+ | >> > > > ROUTING > > > >> | | >> +-------+------+ +------+------+ >> | mangle | | filter | >> | OUTPUT | | FORWARD | >> +-------+------+ +------+------+ >> | | >> +-------+------+ | >> | nat | | >> | OUTPUT | | >> +-------+------+ | >> | | >> +-------+------+ | >> | filter | | >> | OUTPUT | | >> +-------+------+ | >> | +--------------+ | >> +--------------+ ROUTING +---------------+ >> | DECISION ? | <- controlled by ip route >> +-------+------+ >> | >> +-------+------+ >> | nat | >> | POSTROUTING | >> +-------+------+ >> | >> +-------+------+ >> | TRAFFIC | >> | QUEUE | <- controlled by tc >> +-------+------+ >> | >> -----------+----------- >> Network >> >> >>After all of us agree the diagram could be published at Stef site (with his >>permission, of course) to be have as a reference to people using the list. >> > > Where is the routing decision of the local process, before > OUTPUT? Or only I see it :) Also, there is a big difference between > input and output routing decision, may be this diagram can show it :) > > >>Best regards, >> >>Leonardo Balliache >>leoball@opalsoft.net >> > > Regards > > -- > Julian Anastasov <ja@ssi.bg> > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
