----- Original Message ----- From: "Lennert Buytenhek" <[EMAIL PROTECTED]> To: "Bart De Schuymer" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Saturday, January 12, 2002 8:16 PM Subject: Re: [Bridge] [PATCH] bridge-nf-0.0.4.bis patch available
> I'd still like to do priority registration. You agree with me on the 0, > so I'll create NF_BR_PASSTHROUGH and give it priority value 0. > > Where do you think putting ebtables hooks makes most sense? For PRE_ROUTING, > probably before passthrough. For POST_ROUTING, probably after. For the > others I'm not so sure. Anyway, send me a list of priorities and I'll stick > them in. NF_BR_PRI_EBT_FILTER_BRIDGED = -200 NF_BR_PRI_EBT_FILTER_OTHER = 200 NF_BR_PRI_EBT_NAT_DST_BRIDGED = -300 NF_BR_PRI_EBT_NAT_DST_OTHER = 100 NF_BR_PRI_EBT_NAT_SRC_BRIDGED = -100 NF_BR_PRI_EBT_NAT_SRC_OTHER = 300 I think purely bridged frames should go through ebtables before going through iptables, thus the negative priorities. The others should first go through iptables. Other frames are: the ones that are routed and the ones that originate from the bridge box themself. ebtables PREROUTING always before and ebtables LOCAL_OUT always after passthrough. ebtables POSTROUTING depends on whether the packet is routed or bridged. ebtables LOCAL_IN and FORWARD always before passthrough. Ok? cheers, Bart _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
