[Bug 570] PREROUTING is unaware of VLAN interfaces
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Mon May 28 12:42:51 CEST 2007
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=570
------- Additional Comments From bdschuym at pandora.be 2007-05-28 12:42 MET -------
iptables PREROUTING before the bridge forwarding decision is used to change the
IP destination address. You therefore obviously have to go through the
PREROUTING chain before that bridging decision, even if it turns out afterwards
the packet wasn't dnated.
Of course, it's possible to redirect (at the ethernet level) the packets with
ebtables, so in theory it's probably not absolutely needed to have iptables
PREROUTING before the bridging decision. Statements like that usually turn out
to be false in the end, but anyway it does save you a lot of delay since routing
over a bridge input device means queuing the packet twice at the input side.
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.
More information about the netfilter-buglog
mailing list