----- Original Message -----
From: "Eric Low" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 01, 2002 8:15 PM
Subject: [Bridge] locally generated packets lost after output chain

> Hi, I am trying to set up my firewall/bridge/ebtables box for remote logging,
> but the packets seem to be lost after the iptables OUTPUT chain. Syslog is
> generating those packets and trying to send them via SSH on udp port 514. They
> appear in the iptables OUTPUT chain just fine, with correct source
> (198.122.47.17, on eth0) and destination addresses (198.122.47.20). I have
> also added a logging rule to ebtables:
>
> ebtables -A OUTPUT -p IPV4 --ip-source 198.122.47.17 --ip-destination 198.122.47.20 -j LOG --log-level 0
>
> If I'm thinking about this correctly, the packet should leave the iptables
> OUTPUT chain and then traverse the ebtables OUTPUT chain before being sent
> out the NIC. However, the above logging rule shows nothing, and none of the
> packets ever leave the box.

Try this patch and plz say if it solves it. I posted it some time ago (January 15th), but Lennert ignored/missed it.

http://users.pandora.be/bart.de.schuymer/bridge-nf/bridge-nf-vs-0.0.6-OUTPUT.diff

If your packets are routed then the bridge-nf patch will make the packets go through the ebtables FORWARD chain instead of the ebtables OUTPUT chain (without this patch). I don't like it... So my guess is your packets are dropped by a rule in the ebtables FORWARD chain.

cheers,
Bart
