Hi Martin!

No, I'm not running with ebtables+nf support. From what I understand (and
please correct me if I'm wrong), patching the kernel with ebtables+bridge-nf,
you get an ebtables table with BROUTING, FORWARD, and NAT chains which you can
match traffic on.

However, I need to match traffic in the mangle table, so the ebtables table
won't help me.

Some questions:

(a) If I add the bridge-nf + ebtables patches, will I be able to match
traffic on OUTPUT/FORWARD/POSTROUTING in the mangle table?

(b) Why does netfilter not currently see the traffic even though a tcpdump
on eth0/eth1 shows all the traffic passing through the interfaces?

> It sounds like you are running bridging with the netfilter hooks.
>
> See the section at the bottom of the page on bridging + firewalling
> (really netfilter hooks):
>
> http://bridge.sourceforge.net/download.html
>
> And of course, the newest patches here:
>
> http://users.pandora.be/bart.de.schuymer/ebtables/sourcecode.html
>
> Are you running a kernel with support for bridge+nf (as it is known)?
>
> -Martin
>
> : If I create the following setup:
> :
> :
> :
> :  66.8.28.52/29                 66.8.28.51/29
> :    +------+                      +------+
> :    | PC A |------+     +---------| PC B |
> :    +------+      |     |         +------+
> :                  |     |
> :              eth1|     | eth0
> :                  +-----+
> :                  | qos | (br0 = 66.8.28.49/29)
> :                  +-----+
> :
> : PC A is connected to qos via a crossover cable, and PC B and qos are plugged
> : into the same switch. So even though everything is on the same network, traffic
> : has to go through qos when PC A talks to PC B.
> :
> : Now, if PC A pings PC B, then my packet counters on the PREROUTING, INPUT,
> : FORWARD, OUTPUT, POSTROUTING chains stay the same for both filter and mangle
> : tables - i.e. netfilter doesn't see any traffic flowing through the machine.
> :
> : Why is this? How do I match this traffic using netfilter? I can't use
> : ebtables because I have to match traffic in the mangle table if I want to
> : use it in conjunction with tc.
> :
> :
--
Regards
Abraham
I'm telling you that the kernel is stable not because it's a kernel,
but because I refuse to listen to arguments like this.
-- Linus Torvalds
___________________________________________________
Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
P.O. Box 3472, Matieland, Stellenbosch, 7602
Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
Email: [EMAIL PROTECTED]
