* Routing decision after FORWARD
@ 2007-06-27 13:15 Ivan Dubrov
2007-06-29 17:41 ` Jorge Davila
0 siblings, 1 reply; 3+ messages in thread
From: Ivan Dubrov @ 2007-06-27 13:15 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 374 bytes --]
Hello,
Look here:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#TRAVERSINGGENERAL
According to the diagram, there is routing decision after
filter/FORWARD. However, according to the tables before, there is no
such routing (there is only one routing before mangle/FORWARD). The
question is, which one is correct?
--
WBR,
Ivan S. Dubrov
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Routing decision after FORWARD
2007-06-27 13:15 Routing decision after FORWARD Ivan Dubrov
@ 2007-06-29 17:41 ` Jorge Davila
2007-06-30 7:13 ` Ivan Dubrov
0 siblings, 1 reply; 3+ messages in thread
From: Jorge Davila @ 2007-06-29 17:41 UTC (permalink / raw)
To: Ivan Dubrov; +Cc: netfilter
Ivan:
There are three escenaries:
(1) Packets destined to our machine
(2) Packets originated inside our machine
(3) Packets forwarded
The table only have a reference to escenary (1) and the diagram after
the tables hits all escenaries.
Not all packets traverse all chains, that depends on the escenary.
Hope this helps,
Jorge Dávila.
Ivan Dubrov wrote:
> Hello,
>
> Look here:
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html#TRAVERSINGGENERAL
>
> According to the diagram, there is routing decision after
> filter/FORWARD. However, according to the tables before, there is no
> such routing (there is only one routing before mangle/FORWARD). The
> question is, which one is correct?
>
>
--
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 430 5462
davila@nicaraguaopensource.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Routing decision after FORWARD
2007-06-29 17:41 ` Jorge Davila
@ 2007-06-30 7:13 ` Ivan Dubrov
0 siblings, 0 replies; 3+ messages in thread
From: Ivan Dubrov @ 2007-06-30 7:13 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 1019 bytes --]
There are three escenaries:
>
> (1) Packets destined to our machine
> (2) Packets originated inside our machine
> (3) Packets forwarded
>
> The table only have a reference to escenary (1) and the diagram after
> the tables hits all escenaries.
>
> Not all packets traverse all chains, that depends on the escenary.
>
I'm was already told that both are correct. There are two routing
decisions for forwarded packets (as it is drawn on the diagram) and the
second routing decision is mentioned in the table 6-3, step 8. However,
it is not clear, what kind of rules could be applied during the second
routing decision. The same as in first decision? In that case, does that
mean that I can set mark on the packet during the mangle/FORWARD and
route that packet to self in the second routing decision? And it will
traverse the table again, this time through INPUT chains?
Anyway, I've found easier solution for my needs, so these questions are
just for curiosity. :)
--
WBR,
Ivan S. Dubrov
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2007-06-30 7:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-27 13:15 Routing decision after FORWARD Ivan Dubrov
2007-06-29 17:41 ` Jorge Davila
2007-06-30 7:13 ` Ivan Dubrov
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.