> -----Original Message----- > From: Henrik Nordstrom [mailto:hno@xxxxxxxxxxxxxxx] > The check should be after all > netfilter hooks just before the packet is given to the NIC > driver, dropped > on transmit because it can not be sent out on the target media, not > dropped in "bridge forwarding" because it seems to be bigger than the > intended target device. That makes sense. Regards, Dan
