Please don't trim CC lists.
Pascal Hambourg wrote:
Patrick McHardy a écrit :
I can reproduce this with forwarding between two bridges.
This matches my own observations.
The reason is that skb->nf_bridge still contains the data
from the first bridge and so br_netfilter thinks this is
a bridged packet.
Am I missing something if I think that this behaviour is badly broken ?
I don't know how this is supposed to work,
but it seems to me that on packets going out a bridge device
this should be reset in case it originates from a different
bridge (actually I think it should be reset unconditionally
So do I. Otherwise a packet received on a bridge can be forwarded back
to the same bridge and would be wrongly considered bridged.
but that would probably break bridged DNAT).
Why ?
Because if I'm not mistaken these packets also go through the
bridge device xmit function.
-
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
