Jan Engelhardt wrote:
On Tuesday 2008-03-25 13:57, Patrick McHardy wrote:
which means ebtables actually comes after iptables, and hence,
your mark 3 will not show up as you expected.
Indeed, on output bridge netfilter will run after IPv4 netfilter.
Does that explain things?
It explains things, but having the feature removed is not nice.
I cannot deny that the previous code was real a hook spaghetteria,
but how could it be done better?
Good question. The order on output is logically correct, so I
wouldn't change it. I never liked the invocation of IP hooks
from bridging at all, so long-term we could consider making
the features people want to bridging available "natively"
(like conntrack/NAT/...).
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
