[PATCH] support --physdev-out for routed packets
philipc at snapgear.com
Fri Jul 13 05:14:18 CEST 2007
Philip Craig wrote:
> Patrick McHardy wrote:
>> Its probably also racy wrt. fdb changes.
> Yes. It could modify the bridging code to only forward to the
> physoutdev stored in nf_bridge, or store the fdb result in
> nf_bridge and avoid the second fdb lookup.
I remember now why I didn't do this already.
The solution is to store the result in the mark, and use that in
ebtables to ensure it still goes out that port. This needs to be
done anyway when defining the zone in terms of IP addresses.
More information about the netfilter-devel