Le 04/08/2010 16:32, Jan Engelhardt a écrit :
On Wednesday 2010-08-04 16:25, Alex Bligh wrote:
Did you read http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html and
http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png ?
A useful improvement to those would be documenting where libpcap
(which does both input and, less well known, output) samples/injects
packets. I /think/ sampling is right on the left and injection right
on the right.
pcap grabbing and injection is completely outside any of the graphs
currently floating around.
If by 'outside' you mean 'to the extreme left or extreme right'
that was my conclusion. But the absence of any documentation means
this makes debugging with tcpdump (for instance) harder
because you don't know where you are sampling.
Well perhaps not extreme. If you inject into a tunnel, it may well
walk through Xtables after all - but then of course, only in its
encapsulated form.
I'm not 100% sure it is completely outside though. For instance,
if you do tcdump on a bridge device (as opposed to the corresponding
physical participant interface), isn't that after ingress ebtales
processing, but before egress? IE is in the graph somewhere.
Huh, all once investigated already. See
http://jengelh.medozas.de/images/nf-packet-flow.png for where
in/egress happen to be. :)
Nice work!
May be just missing other netif_receive_skb() magic, like bonding for example.
Nicolas.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html