On Saturday 25 May 2002 10:46, yu_zeng wrote:
> Hi,
Hello,
> We find a bug in current bridge+netfilter code: when in routing mode
> and the out device is bond to a logical bridge device, the FORWARD
> chain of the mangle table couldn't see the real(or physical) out device.
Following incremental patch against bridge-nf-0.0.7-against-2.4.18.diff should
fix it.
cheers,
Bart
--- linux/net/bridge/br_netfilter.c Sun May 26 10:02:23 2002
+++ linux-new/net/bridge/br_netfilter.c Sun May 26 10:01:15 2002
@@ -450,7 +450,7 @@
{ { NULL, NULL }, ipv4_sabotage_in, PF_INET, NF_IP_PRE_ROUTING,
NF_IP_PRI_FIRST },
- { { NULL, NULL }, ipv4_sabotage_out, PF_INET, NF_IP_FORWARD,
NF_IP_PRI_BRIDGE_SABOTAGE },
+ { { NULL, NULL }, ipv4_sabotage_out, PF_INET, NF_IP_FORWARD, -175 },
{ { NULL, NULL }, ipv4_sabotage_out, PF_INET, NF_IP_LOCAL_OUT,
NF_IP_PRI_BRIDGE_SABOTAGE },
{ { NULL, NULL }, ipv4_sabotage_out, PF_INET, NF_IP_POST_ROUTING,
NF_IP_PRI_FIRST },
};
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
