Re: ebtables on a stick
On 11-12-02 17:20, Greg Scott wrote:
OK. But I dunno.... I set eth0 on the router with the same address as the real host behind it on eth1. So something comes in on eth0 for 22.214.171.124. The router has that as its own address now, plus a route to somebody else with the same address on eth1. But as far as the router/firewall is concerned, that packet is already delivered - why would it forward it out on eth1?
Where the packet gets delivered is decided by the routing - and the very first table traversed is local - which is auto-filled by the kernel. But that routing rule can still be forcibly removed, after which the next matching one is the one added manually - after which the packet will end up in FORWARD, instead of INPUT.
(and keep in mind David's earlier warning about confusing programs/services - it's still doable, but requires more manual labor - proxy is certainly cleaner and just works)
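The lookup order described in the reply above, as an added Python model that is not part of the original thread or of any kernel code: the local table is consulted before main, so the packet goes to INPUT until the local entry is removed, after which the manual route sends it to FORWARD. The address 192.0.2.10, the table contents and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: 192.0.2.10 is both the router's eth0 address and the
# address of the real host behind eth1 (documentation range, not from the thread).
ADDR = "192.0.2.10"

# Default rule order: table 'local' (priority 0) is consulted before 'main' (32766).
RULES = [(0, "local"), (32766, "main")]

def make_tables():
    """Model of the routing tables after the setup described in the thread."""
    return {
        # 'local' is filled automatically when the address is assigned to eth0.
        "local": [("192.0.2.10/32", "local", "eth0")],
        # 'main' holds the manually added host route plus a default route.
        "main": [("192.0.2.10/32", "unicast", "eth1"),
                 ("0.0.0.0/0", "unicast", "eth0")],
    }

def lookup(tables, dst):
    """Return (table, type, dev) from the first table that matches, longest prefix first."""
    ip = ipaddress.ip_address(dst)
    for _prio, name in sorted(RULES):
        matches = [(ipaddress.ip_network(p), rtype, dev)
                   for p, rtype, dev in tables[name]
                   if ip in ipaddress.ip_network(p)]
        if matches:
            _net, rtype, dev = max(matches, key=lambda m: m[0].prefixlen)
            return name, rtype, dev
    return None

def netfilter_chain(tables, dst):
    """A 'local' route means local delivery (INPUT); a unicast route means FORWARD."""
    hit = lookup(tables, dst)
    if hit is None:
        return "unreachable"
    return "INPUT" if hit[1] == "local" else "FORWARD"

def remove_local_route(tables, prefix):
    """Model of forcibly deleting the automatically added entry from the local table."""
    tables["local"] = [r for r in tables["local"] if r[0] != prefix]

if __name__ == "__main__":
    t = make_tables()
    print(netfilter_chain(t, ADDR), lookup(t, ADDR))
    remove_local_route(t, ADDR + "/32")
    print(netfilter_chain(t, ADDR), lookup(t, ADDR))
```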