[Bug 1305] Rules in first chain same hook ignored if second chain has policy drop
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Jan 21 16:40:35 CET 2021
https://bugzilla.netfilter.org/show_bug.cgi?id=1305
Alexander.S <bugz at dragon-home.dyndns-mail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bugz at dragon-home.dyndns-mai
| |l.com
--- Comment #11 from Alexander.S <bugz at dragon-home.dyndns-mail.com> ---
(In reply to Egbert S from comment #5)
>
> The priority values only works within the same hook. There are 6 hooks
> (ingress, prerouting, input, forward, output, postrouting).
>
> Local
> process
> ^ | .-----------.
> .-----------. | | | Routing |
> | |-----> input / \---> | Decision |----> output \
> --> prerouting --->| Routing | .-----------. \
> | Decision | --> postrouting
> | | /
> | |---------------> forward ---------------------------
>
> Don't forget to add 'ingress' before `prerouting` to the old chart above.
> Ingress was added in Linux 4.2.
>
This is the wrong picture: output is actually _before_ routing!
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20210121/edf3eca9/attachment.html>
More information about the netfilter-buglog
mailing list