> On Thursday 30 May 2002 10:20, zengyu wrote: > > Hi, > Hello, > > We find a bug in current bridge+netfilter code: when in routing mode > > and the out device is bond to a logical bridge device, the MAC address > > match isn't work. > Do you get matches when only checking on ip addresses? Are you sure the matching ip address has no problem.
> packets are actually passing through the iptables FORWARD chain? > Do you see this bug with the bridge-nf-0.0.7 patch too? 0.0.7 has this bug too. To make things more clear, I tried another test. A<--->eth0--brg0--eth1<--->B eth0 and eth1 are bond to make a bridge device brg0, host A connects linux box through eth0, host B connects through eth1. if A's default gw set to B, thus the linux box working in bridging mode, there's no problem, $iptables -A FORWARD -m mac --mac-source MAC_ADDR_OF_A matching packets as expected. But, changing A's default gw to the linux box, thus make it working in routing mode, the bug appears. Regards ZengYu _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
