Hi all,
I'm observing some strange behavior when using iptables. In particular, when I used iptables to remove a rule in the nat table, it took quite a while before it actually took effect. I didn't have such a problem when inserting the rule. More specifically, when I ran
iptables -t nat -I PREROUTING 1 -m mac --mac-source $mac -j RETURN
it took effect immediately: the device with the $mac address didn't pass through the rest of the rules in the PREROUTING chain. However, when I ran
iptables -t nat -D PREROUTING -m mac --mac-source $mac -j RETURN
iptables -t nat -L shows that the rule has been removed, but the device with the $mac address was still treated the same way as if the rule was still in place. It sometimes took more than 1 minute before the rule was no longer in effect.
Is there some type of caching in netfilter or iptables? Or is this a bug? I'm using Linux Kernel 2.4.17. I tried both iptables v.1.2.2 and iptables v.1.2.3, both with the same problem.
Thanks.
Regards,
J.B.