There's a nice photo depicting the packet flow through the Linux firewall[1]. Looking at it I have two questions concerning the netdev table:

1. Where exactly is the netdev table located? Right after "ingress (qdisc)"?

2. Let's pretend we have multiple network interfaces in a single Linux machine, name it eth0 and eth1. These interfaces are bridged/bonded, and you have another interface -- bond0. Which interfaces should be used when you create the netdev table? Should it be one for eth0 and one for eth1, or just one for bond0? Which one is better and why?

[1] https://upload.wikimedia.org/wikipedia/commons/thumb/3/37/Netfilter-packet-flow.svg/1450px-Netfilter-packet-flow.svg.png