[changed CC to netfilter-devel] On 05.04, Todor Todorov wrote: > Hello, > > I was check and as you said REJECT target also doesn't work in Bridge. It does work on bridges, this is why I asked you to have a look at it. > Where is the problem - in "br.c" or it must add a check in "ipt_synproxy.c" > for is the packet coming from bridged interface? > I find this patch for reject in bridge but doesn't work - http://markmail.org/message/zkd57gfh7htcbyvc#query:+page:1+mid:spwhgpx2jl6iholn+state:results > > Any help would be useful to me... The REJECT target basically does what is necessary for SYNPROXY as well. Instead of routing newly generated packets, their outgoing ports must be determined based on the original packet, additionally you need to add a link layer header to them. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
