On Thu, Aug 5, 2010 at 4:41 PM, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote: > deep down below in source code, DROP just does that - drop. 1. In ebtables Broute, if packet gets dropped , how it goes to ip layer for further processing ? 2. ip_route_input will be called on all frames hitting prerouting nat table of ebtables . How it can decide where to route once it is past prerouing hook (packet which are dropped on nat prerotuing of ebtables ) ? /* i could be totally wrong here */ -Ratheesh > On Thursday 2010-08-05 12:42, ratheesh k wrote: >>>> >>>>What will happen, if we drop a packet at PREROUTING chain of ebtables ? >>> >>> Depends on the table you are referring to. >> >>What is the difference between droppin a Pkt in Brouting chain of >>Broute table and Drop a Pkt in nat prerouing chain of ebtables . Or >>are they having same effect ? . > > Generally, nat and broute are intended to be a configuration databases > only, where special semantics to standard verdicts can apply, as it does > for broute. To avoid confusion, the use of DROP in nat is not > advised, and iptables checks for such attempts. Ebtables doesn't, but > then again, it's the 4th-order-stepson of iptables only... > deep down below in source code, DROP just does that - drop. > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
