Re: ebtables PREROUTING -drop |
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
On Wednesday 2010-08-04 16:25, Alex Bligh wrote:
>
>>>> Did you read http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html and
>>>> http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png ?
>>>
>>> A useful improvement to those would be documenting where libpcap
>>> (which does both input and, less well known, output) samples/injects
>>> packets. I /think/ sampling is right on the left and injection right
>>> on the right.
>>
>> pcap grabbing and injection is completely outside any of the graphs
>> currently floating around.
>
> If by 'outside' you mean 'to the extreme left or extreme right'
> that was my conclusion. But the absence of any documentation means
> this makes debugging with tcpdump (for instance) harder
> because you don't know where you are sampling.
Well perhaps not extreme. If you inject into a tunnel, it may well
walk through Xtables after all - but then of course, only in its
encapsulated form.
> I'm not 100% sure it is completely outside though. For instance,
> if you do tcdump on a bridge device (as opposed to the corresponding
> physical participant interface), isn't that after ingress ebtales
> processing, but before egress? IE is in the graph somewhere.
Huh, all once investigated already. See
http://jengelh.medozas.de/images/nf-packet-flow.png for where
in/egress happen to be. :)
_______________________________________________
Bridge mailing list
Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/bridge
[Netdev]
[AoE Tools]
[Linux Wireless]
[Kernel Newbies]
[Security]
[Linux for Hams]
[Netfilter]
[Bugtraq]
[Photo]
[Yosemite]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux RAID]
[Linux Admin]
[Samba]
[Video 4 Linux]
[Linux Resources]
