Patrick McHardy a écrit :
I can reproduce this with forwarding between two bridges.
This matches my own observations.
The reason is that skb->nf_bridge still contains the data from the first bridge and so br_netfilter thinks this is a bridged packet.
Am I missing something if I think that this behaviour is badly broken ?
I don't know how this is supposed to work, but it seems to me that on packets going out a bridge device this should be reset in case it originates from a different bridge (actually I think it should be reset unconditionally
So do I. Otherwise a packet received on a bridge can be forwarded back to the same bridge and would be wrongly considered bridged.
but that would probably break bridged DNAT).
Why ? - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html