[Fwd: Re: questions about chain traversal, new ascii diagram]

Curby . wrote:
----Original Message Follows----

http://joerg.fruehbrodt.bei.t-online.de/pics/abb3_netfilter_ablaufdiagramm.jpg


What about the mangle decisions, do you also want to include them :D?


It looks reasonable, but if this is true then the article I mentioned
was wrong.  Perhaps there should be a disclaimer by the link on the
netfilter documentation page?

Does anyone know the answers to my other questions? Specifically, is it
due to style or technical reasons that people don't filter traffic in
PREROUTING, and instead put the same rules in both FORWARD and INPUT?

I think you were probably just being facetious, but I wouldn't mind
knowing when the mangle chains come into play.  If we have to jump to
them explicitly though, then I'll just RTFM. =)

Thanks again!

--Curby



They are traversed before the other ones, e.g.

PREROUTING mangle -> PREROUTING nat -> FORWARD mangle -> FORWARD filter
-> POSTROUTING mangle -> POSTROUTING nat

PREROUTING mangle -> PREROUTING nat -> INPUT mangle -> INPUT filter ->
local process

local process -> OUTPUT mangle -> OUTPUT nat -> OUTPUT filter ->
POSTROUTING mangle -> POSTROUTING nat

Greets

--

PGP-ID 0xF8EAF138
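
An added example, not part of the original thread: a small Python model of the traversal order listed in the reply above, with the routing decision taken after PREROUTING so that a DNAT rule can move a packet from the INPUT path to the FORWARD path. The rule format, addresses and ports are constructed for illustration; the ruleset repeats the same DROP in INPUT and FORWARD, as the question describes.

```python
# Added example: toy model of the table/chain traversal order from the reply.
# Rule tuples, addresses and packet fields are constructed for illustration.
PRE = [("PREROUTING", "mangle"), ("PREROUTING", "nat")]
POST = [("POSTROUTING", "mangle"), ("POSTROUTING", "nat")]
FORWARD = [("FORWARD", "mangle"), ("FORWARD", "filter")]
INPUT = [("INPUT", "mangle"), ("INPUT", "filter")]
OUTPUT = [("OUTPUT", "mangle"), ("OUTPUT", "nat"), ("OUTPUT", "filter")]


def run_chain(hook, rules, pkt):
    """First matching rule wins; returns False if the packet is dropped."""
    for match, target in rules.get(hook, []):
        if all(pkt.get(k) == v for k, v in match.items()):
            if target == "DROP":
                return False
            if isinstance(target, tuple) and target[0] == "DNAT":
                pkt["dst"] = target[1]  # rewrite happens before routing
            break  # ACCEPT or DNAT: stop evaluating this chain
    return True


def traverse(pkt, rules, local_addrs, locally_generated=False):
    """Return (trace, verdict) for one packet; pkt is copied, not mutated."""
    pkt, trace = dict(pkt), []
    def walk(hooks):
        for hook in hooks:
            trace.append("%s %s" % hook)
            if not run_chain(hook, rules, pkt):
                return False
        return True
    if locally_generated:
        return trace, "sent" if walk(OUTPUT + POST) else "dropped"
    if not walk(PRE):
        return trace, "dropped"
    # Routing decision is made after PREROUTING, on the (possibly DNATed) dst.
    if pkt["dst"] in local_addrs:
        return trace, "delivered" if walk(INPUT) else "dropped"
    return trace, "forwarded" if walk(FORWARD + POST) else "dropped"


# Constructed ruleset: one DNAT, and the same DROP in INPUT and FORWARD.
RULES = {
    ("PREROUTING", "nat"): [({"dst": "203.0.113.1", "dport": 80}, ("DNAT", "192.168.1.10"))],
    ("INPUT", "filter"): [({"dport": 23}, "DROP")],
    ("FORWARD", "filter"): [({"dport": 23}, "DROP")],
}
LOCAL = {"203.0.113.1"}

print(traverse({"dst": "203.0.113.1", "dport": 80}, RULES, LOCAL))
```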


