[Bug 1305] Rules in first chain same hook ignored if second chain has policy drop

bugzilla-daemon at netfilter.org
Sat Feb 6 14:10:30 CET 2021


https://bugzilla.netfilter.org/show_bug.cgi?id=1305

--- Comment #14 from Alexander.S <bugz at dragon-home.dyndns-mail.com> ---
(In reply to Frank Myhr from comment #12)
> @Alexander S.: I think the packet flow diagram posted by Egbert S. is
> correct, i.e. output hook comes *after* routing decision. As is also shown
> here:
> https://commons.wikimedia.org/wiki/File:Netfilter-packet-flow.svg
> 

Please notice the "reroute check" after the "output". Otherwise, "DNAT" and
"mark set" for PBR will not work for outgoing packets.
Also, see http://people.netfilter.org/pablo/docs/login.pdf
