On Fri, 31 Aug 2001, Marian Jancar wrote:
>
> [EMAIL PROTECTED] wrote:
>
> > On Wed, 29 Aug 2001, Bart De Schuymer wrote:
> >
> > I've got my kernel built. The bridge is bridging. But packets are
> > getting past my filters. To simplify things I got rid of all my user
> > defined chains and rules. Set the policy for INPUT, OUTPUT, and FORWARD
> > to DROP. But I can still ping thru the bridge.
>
>
> ...
>
> > I did have to assign an ip number to br0 to get the bridge to
> > work. And I did have to add some iptables rules to be able to
> > ssh to the firewall via the br0 interface. So we have an odd
> > mix of things that are and are not working.
>
>
> Bridged packets are checked against prerouting and postrouting in 2.4, input
> etc. are only for ip I guess, while bridging is raw ethernet.
>
Thought I saw a message that said bridged packets were checked against
FORWARD. That's where I had the rules I expected to be checked. Is that
a coming attraction or did I just read it wrong?
In the context of iptables with bridging what's the difference between
PREROUTING and POSTROUTING when we don't do any routing?
Thanks,
I was going to extract a fresh copy of the source and reapply the patches.
But that's probably "barking up the wrong tree".
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge