[prev in list] [next in list] [prev in thread] [next in thread]
List: netfilter-devel
Subject: Re: --in-interface and --out-interface issue on bridge
From: Wang Jian <lark () linux ! net ! cn>
Date: 2005-04-24 17:05:26
Message-ID: 20050425005137.9381.LARK () linux ! net ! cn
[Download RAW message or body]
Hi Patrick McHardy,
Thanks a lot for your hint.
Just in curiousness: when and why the -i and -o don't match on bridge's
physic device? A lot of documents on bridging firewall give example
using -i and -o.
On Sun, 24 Apr 2005 18:28:17 +0200, Patrick McHardy <kaber@trash.net> wrote:
> Wang Jian wrote:
> > Hi,
> >
> > During my test, I find that --in-interface doesn't work as I expected.
> >
> > web server -- (eth0--br0--eth1) -- web client
> >
> >
> > # iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 80 \
> > -j MARK --set-mark 1
> >
> > doesn't set mark to 1.
>
> Find out which interface is used using LOG. There is a physdev-match
> for use with briding, perhaps this is what you need.
>
> Regards
> Patrick
--
lark
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic