On Mon, Jan 07, 2002 at 05:30:29PM +0100, Bart De Schuymer wrote:
> > > Ok, but my main point was that the nf bridge priority of passthrough > should > > > be INT_MAX, no matter what name you give it. > > > > Please allow me to disagree. > > Ofcourse. > But could you elaborate on why you give them priority number 0 instead of > something near INT_MAX? I agree 0 is a cool looking number. Any other > reason? Not at all. > > > Any function that attaches to a netfilter hook after the passthrough > > > function might as well attach before the passthrough function: > > > - if the function does stuff for ip packets it gets useless if it > attaches > > > after the passthrough function because passthrough steals those packets. > > > > *That* is the bug. We should definitely call NF_HOOK_THRESH after the > > passthrough functions. > > Isn't NF_HOOK_THRESH called _inside_ the br_nf_local_out() function of > 'passthrough'? I don't think that's a bug. No, it isn't. I'm afraid I failed to make myself clear here. The bug is that we don't give the packet back to the PF_BRIDGE/* hooks, causing the oddity that prio>0 causes your hook not to be called. Just handing the packet to okfn() is wrong. cheers, Lennert _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
