Hi

This diagram shows the packet flow:
http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg

1. Does this mean that when I set my computer to bridge mode, for example

    brctl addbr br0
    brctl addif br0 eth1
    brctl addif br0 eth2
    ip link set br0 up

the packet goes through all of the link layer chains? That is, it will go through nat/PREROUTING (ebtables), raw/PREROUTING (iptables), mangle/PREROUTING (iptables)?

Or does it only go through the ebtables (blue coloured) chains in the link layer?

2. If it only goes through the blue chains, if I want it to go through the iptables chains in the link layer (green coloured), I am required to have a rule with a DROP target to push it up to the higher network layers, is this correct?

3. In which case, if I have added rules to the mangle/PREROUTING (iptables) chain, am I adding them to the network layer mangle/PREROUTING box in the diagram, or to the link layer mangle/PREROUTING box in the diagram?

Currently I'm learning how it all fits together, thanks

Andrew