On 1/10/2019 12:05 PM, wenxu wrote:
> On 1/10/2019 12:41 AM, Pablo Neira Ayuso wrote:
>> On Fri, Dec 21, 2018 at 06:12:24PM +0800, wenxu@xxxxxxxxx wrote:
>> [...]
>>> +static struct xt_match tunnel_mt_reg __read_mostly = {
>>> + .name = "tunnel",
>>> + .revision = 0,
>>> + .family = NFPROTO_UNSPEC,
>>> + .match = tunnel_mt,
>>> + .matchsize = sizeof(struct xt_tunnel_mtinfo),
>> Does this work away from the prerouting hook?
> Yes, I just test all the hooks. It can work for ingress packet match for PREROUTING and INPUT.
>
> egress packet (output go through a lwtunnel) on FORWARD, OUTPUT and POSTROUTING.
sorry I check that the INPUT hook can't be work for this
