Hello
After finding this pretty recent and nice summary of packet flow:
http://jengelh.medozas.de/images/nf-packet-flow.png (1)
I noticed that in the case of locally generated packets (routed through
a bridge's port), ebtables nat postrouting is evaluated _after_ iptables
nat postrouting, which is different from the official explanation at
http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html
and further in
http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png (2)
Precisely - figures 6a and 6d (but 3c is actually like in (1)).
After doing some tests with a simple bridge, ipt/ebt and plenty of logging
rules, it turned out that the former (1) image is actually right. The
official guide is from back in 2003, so maybe something has changed over
the years.
My question - is the current behaviour (as in (1)) intended, or is it
perhaps a bug, and diagram (2) should be right?