Hello, ----- Original Message ----- From: "Eric Low" <[EMAIL PROTECTED]> To: "Lennert Buytenhek" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, February 08, 2002 1:04 AM Subject: Re: [Bridge] DNAT'ing
> Just for the heck of it, after I added the static ARP entry, I also tried > adding a route (ip route add 198.122.149.10 dev eth0), which I did not have > before (since ip forwarding is disabled, of course). As soon as it received > the packet to be DNAT'd, I immediately got a kernel panic error and had to > restart the system. I also tried adding this ip route without the static ARP > entry in place, and got another kernel panic error. After looking at the bridge/netfilter patch (and doing some tests) it seems that DNAT'ed packets in the bridge are always/sometimes (?) routed. This because the destination MAC address is set to that of the bridge device. So it doesn't work because you didn't put ip_forward on. See: net/bridge/br_netfilter.c:br_nf_pre_routing_finish(). "memcpy(skb->mac.ethernet->h_dest, dev->dev_addr, ETH_ALEN);" If this is considered a feature or a bug I leave up to Lennert. cheers, Bart _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
