[Bug 570] PREROUTING is unaware of VLAN interfaces

bugzilla-daemon at bugzilla.netfilter.org
Sun May 27 17:59:48 CEST 2007


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=570


bdschuym at pandora.be changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID




------- Additional Comments From bdschuym at pandora.be  2007-05-27 17:59 MET -------
This behaviour is caused by the way the networking code works:
a bridge isn't a vlan-enabled device, the device br1.25 just sits on top of the
bridge device.
This results in the fact that as long as the incoming packet is handled by the
bridge code, iptables sees the in-dev as br1. If the packet is forwarded and not
routed, you'll see br1 instead of br1.25 in the iptables FORWARD chains.
It's only when the packet actually gets routed or when it's destined for the
bridge box itself that the in-dev becomes br1.25.
If you want to use vlan devices in the PREROUTING chains for traffic received by
a bridge, you can make eth1.25 and add eth1.25 to br0 and then use the physdev
module.

cheers,
Bart
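
The workaround described in the comment above, as an added example that is not part of the original bug mail or the netfilter project's own code. The helper name `vlan_bridge_plan`, the iproute2 syntax, the `br_netfilter`/sysctl lines (needed on current kernels for bridged frames to reach iptables) and the `LOG` target are assumptions; the device names eth1, VLAN 25 and br0 come from the comment.

```shell
#!/bin/sh
# Added example (not from the original mail): put the VLAN on the physical
# port, enslave that VLAN device to the bridge, and match it with physdev.
# A rule using "-i br1.25" only matches once the packet is routed or is
# destined for the bridge box itself; while the bridge code handles the
# packet, iptables sees the bridge device as the in-dev.

# Print the setup commands for one VLAN; review, then pipe into "sh" as root.
# Usage: vlan_bridge_plan <phys-if> <vlan-id> <bridge>   (hypothetical helper)
vlan_bridge_plan() {
    phys=$1 vid=$2 bridge=$3
    port="$phys.$vid"

    # VLAN IDs 0 and 4095 are reserved; anything non-numeric is rejected.
    case $vid in
        ''|*[!0-9]*) echo "bad VLAN id: $vid" >&2; return 1 ;;
    esac
    if [ "$vid" -lt 1 ] || [ "$vid" -gt 4094 ]; then
        echo "VLAN id out of range: $vid" >&2; return 1
    fi
    # Linux interface names are limited to 15 characters.
    if [ "${#port}" -gt 15 ]; then
        echo "interface name too long: $port" >&2; return 1
    fi

    cat <<EOF
modprobe br_netfilter
sysctl -w net.bridge.bridge-nf-call-iptables=1
ip link add link $phys name $port type vlan id $vid
ip link set $port master $bridge
ip link set $port up
iptables -t mangle -A PREROUTING -m physdev --physdev-in $port -j LOG --log-prefix "vlan$vid-in: "
EOF
}

# Dry run for the devices named in the comment: eth1, VLAN 25, bridge br0.
vlan_bridge_plan eth1 25 br0
```

The function only prints the plan, so it can be checked before anything touches the host's interfaces or rule set.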
