Bug#295567: marked as done ([doc] iptables: order, in which filter, nat, mangle tables are examined is missing in the man)

Thu, 28 Jan 2016 05:06:54 -0800 

Your message dated Thu, 28 Jan 2016 14:04:26 +0100
with message-id 
<caoksjbht3yqsxbcxzonphcarcjmv-543cancgia9dqf3rcq...@mail.gmail.com>
and subject line [doc] iptables: order, in which filter, nat, mangle tables are 
examined is missing in the man
has caused the Debian Bug report #295567,
regarding [doc] iptables: order, in which filter, nat, mangle tables are 
examined is missing in the man
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
295567: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295567
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: iptables
Version: 1.2.11-10
Severity: minor

It's not clear from the man in what order these tables are examined for
rule application. 

It would be nice if the followin is stated in section 'TABLES':
"For every chain (PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING) the
tables are examined in the following order (when applicable): mangle,
nat, filter. "When applicable" means that not all tables are present for
every chain (in essence, not every chain is present in all tables). For
example, there is no INPUT and OUTPUT chains in the NAT table."

More detailed picture could be provided in doc directory. For example,
I've found useful picture at s7 project:
http://l7-filter.sourceforge.net/PacketFlow.png


Thanks.

-- Max



-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=uk_UA.UTF-8, LC_CTYPE=uk_UA.UTF-8 (charmap=UTF-8)

Versions of packages iptables depends on:
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an

-- no debconf information

--- End Message ---
--- Begin Message --- 
Hi,

I think we can close this 11 years old bug, the requested information
about how the framework works should be more than clear now all over
the internet.

best regards.
-- 
Arturo Borrero González

--- End Message ---

Reply via email to