On Mon, 4 Nov 2002, Bart De Schuymer wrote: > On Monday 04 November 2002 21:18, Pekka Savola wrote: > > > Harald replied on the netfilter-devel mailing list that this is a > > > feature. > > > > Of course it is a feature -- for _routing_ code. > > Right. I kind of overlooked that originally ;) You'd better not use that final > patch I sent if you want to use the bridge as a router too.
But I don't -- I want to use it purely as a bridge, completely transparent -- I don't want my bridge's IP in the ICMP error messages, but that of the destination. > > For bridging, that is entirely different. > > Ideally the REJECT target should have an option that tells the code to use the > destination address of the original packet as the source address of the ICMP > message. > I'll ask the netfilter guys what they think about that. I *strongly* believe this should be default when bridging, but I could live with it either way. > > Btw. I wonder what is used as a source address if the bridge has no IP. > > Probably 0.0.0.0. Ofcourse, this strange situation is bridge-nf's fault. Right. Nothing netfilter does when being run from bridge context should use its own IP address, IMO. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
