Georgi Georgiev wrote :
I thought the bridge was supposed to behave like a switching hub. And it probably does, but I had misconfigured it.
Yes it does. Originally, i.e. in the vanilla 2.4 kernel, this is exactly and only what it does. Then people thought it would be cool to add some filtering capabilities so you could build a filtering bridge. So here came ebtables. But it had some limitations, so people thougt it would be cool that netfilter/iptables could be used on bridged IP packets, although it would be an ugly hack. So here came bridge-nf. Then people thought it would be cool that netfilter/iptables could also be used on IP packets encapsulated in bridged VLAN tagged frames, and finally in bridged PPPoE frames. So far so good. But IMHO the problem is that those features should have been disabled by default so the original behaviour expected by most people would have been preserved.
-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
