Ahh but I already tried physdev - and it throws warnings that it will not work on forward or post routing paths when it's not on a bridge interface. But I was specifying the rule with "-o br0" which is a bridge so the physdev rule should have been sane? Even though it threw this warning it did add into iptables but still didn't work for me.

I might revisit it and see if I can figure out what was wrong.

Gareth

-----Original Message-----
From: Bart De Schuymer [mailto:bdschuym@xxxxxxxxxx]
Sent: 02 April 2010 19:48
To: Gareth Williams
Cc: agashi shipora; netfilter-devel@xxxxxxxxxxxxxxx
Subject: Re: br_netfilter post routing hook question...

Gareth Williams wrote:
> The product is a router and the bridge (br0) is connecting the lan to wlan. The module only wants to examine packets on the bridge for qos purposes - to wlan and so I can, at the bridge layer, check for packets to/from ath0 (the wireless port). At PF_INET I would only see br0 so my qos scope would be too wide.
>

The iptables physdev match will probably save your day.

cheers,
Bart

--
Bart De Schuymer
www.artinalgorithms.be