Le 04/08/2010 16:32, Jan Engelhardt a écrit : > > On Wednesday 2010-08-04 16:25, Alex Bligh wrote: >> >>>>> Did you read http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html and >>>>> http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png ? >>>> >>>> A useful improvement to those would be documenting where libpcap >>>> (which does both input and, less well known, output) samples/injects >>>> packets. I /think/ sampling is right on the left and injection right >>>> on the right. >>> >>> pcap grabbing and injection is completely outside any of the graphs >>> currently floating around. >> >> If by 'outside' you mean 'to the extreme left or extreme right' >> that was my conclusion. But the absence of any documentation means >> this makes debugging with tcpdump (for instance) harder >> because you don't know where you are sampling. > > Well perhaps not extreme. If you inject into a tunnel, it may well > walk through Xtables after all - but then of course, only in its > encapsulated form. > >> I'm not 100% sure it is completely outside though. For instance, >> if you do tcdump on a bridge device (as opposed to the corresponding >> physical participant interface), isn't that after ingress ebtales >> processing, but before egress? IE is in the graph somewhere. > > Huh, all once investigated already. See > http://jengelh.medozas.de/images/nf-packet-flow.png for where > in/egress happen to be. :) Nice work! May be just missing other netif_receive_skb() magic, like bonding for example. Nicolas. _______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
