Re: catching all packets on an interface


 



Ah great I did not realize you could use physdev on
both.  My need was to pass all packets which go thru
the interface to QUEUE for mangling or at least
investigation (so ideally after fragments are
recombined and such).

I saw a nice flow diagram
(http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png)
showing the interactions of bridged packets and
normal iptables flow.  It *seemed* like
prerouting/postrouting caught all local/passthru
packets coming in/out of the interface, so maybe:

iptables -I PREROUTING -m physdev --physdev-in eth0 -t mangle -j QUEUE
iptables -I POSTROUTING -m physdev --physdev-out eth0 -t mangle -j QUEUE
?

-Scott


--- Matt Richards <matt@xxxxxxxxxxxxx> wrote:

> Hello, 
> 
> By capture I'm guessing you mean match?
> 
> With bridges and iptables I normally use physdev
> 
> iptables -I FORWARD -m physdev --physdev-in eth0 --physdev-out eth1
> 
> Hth,
> 
> Matt.
> 
> On Sat, Mar 15, 2008 at 04:50:39AM -0700, Scott MacKay wrote:
> > In a simple bridge design, eth0, eth1, bridged to br0,
> > what iptables rules would be needed to capture all of
> > the packets?
> > 
> > It looked like one in PREROUTING/mangle and
> > POSTROUTING/mangle would do it for all locally
> > delivered/received and passthru....
> > 
> > -Scott
> > 
> 
> -- 
> Matt Richards



_______________________________________________
Bridge mailing list
Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/bridge
