On Tue, Aug 26, 2008 at 07:56, Jose Ildefonso Camargo Tolosa <ildefonso.camargo@xxxxxxxxx> wrote: > OUTPUT (raw) ---> Conntrack ---> OUTPUT (mangle) ----> reroute > check???? ---> OUTPUT (nat) > > Shouldn't the "reroute check" go *after* OUTPUT (nat) ? I'm not sure > and I have one doubt: > > It says that: > > ebtables OUTPUT (nat) --> ebtables OUTPUT (filter) --> ebtables > POSTROUTING (nat) --> Network Output > > But, shouldn't it "reroute" the packet after ebtables OUTPUT (nat)? To where should it reroute? EBtables lies underneath iptables, between it and the hardware (usually). When ebtables is done with the packet, it'd done with it. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
