ebtables ACCEPT policy vs ACCEPT target

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm using 2.6.34.5 on a bridge environment.

I have eth1 and eth2 configured as a bridge (br0).

Trying to setup a web proxy, I did:

iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT
--to-port 1501

And "iptables -t nat -L -v " shows no packets seen by iptables.

Since "ebtables -t broute -L" shows me a empty BROUTING chain with
ACCEPT as the policy, everything is fine.

But if I do:

ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-proto tcp
--ip-dport 80  -j redirect --redirect-target ACCEPT
ebtables -t broute -A BROUTING -i eth2 -p ipv4 --ip-proto tcp
--ip-sport 80  -j redirect --redirect-target ACCEPT

"iptables -t nat -L -v" now sees HTTP traffic.

My question is: Isn't this wrong? I'm basically applying the same
ACCEPT in both cases. Why do they produce different results?

I'm using ebtables v2.0.9-1.

Thanks for your help.

- Robert
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux