Hi Mr. Engelhardt, 2010/12/17 Jan Engelhardt <jengelh@xxxxxxxxxx>: > If the above is fine to you, why would you even execute these two: Apart from trying to understand the correct usage of ebtables rules, I use it to _exclude_ IPs from a webproxy redirection. Something like: ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-dst 200.152.32.0/24 -j redirect --redirect-target ACCEPT ebtables -t broute -A BROUTING -i eth2 -p ipv4 --ip-src 200.152.32.0/24 -j redirect --redirect-target ACCEPT ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP ebtables -t broute -A BROUTING -i eth2 -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP But, like I said, it doesn't work as expected. The packets don't get "bridged" like when the policy applies. I just used the easier example to show the issue :-) Cheers, - Robert -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
