From mboxrd@z Thu Jan 1 00:00:00 1970 From: Julian Anastasov Date: Mon, 17 Jun 2002 19:11:05 +0000 Subject: Re: [LARTC] ipchains + mark in output chain ? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hello, On Mon, 17 Jun 2002, Leonardo Balliache wrote: > This diagram, subject to discusion and improvement for more experimented > people in the list to be depurated, can help to clarify things: > > > Network > -----------+----------- > | > +-------+------+ > | mangle | > | PREROUTING | > +-------+------+ > | > +-------+------+ Policy rule database > | PRDB | <- controlled by ip rule > +-------+------+ > | > +-------+------+ > | nat | > | PREROUTING | > +-------+------+ > | > packet is for +-------+------+ packet is for > this address | ROUTING | another address > +--------------+ DECISION ? +---------------+ > | +--------------+ | > +-------+------+ | > | filter | | > | INPUT | | > +-------+------+ | > | | > +-------+------+ | > | Local | | > | Process | | > +-------+------+ | ROUTING > | | > +-------+------+ +------+------+ > | mangle | | filter | > | OUTPUT | | FORWARD | > +-------+------+ +------+------+ > | | > +-------+------+ | > | nat | | > | OUTPUT | | > +-------+------+ | > | | > +-------+------+ | > | filter | | > | OUTPUT | | > +-------+------+ | > | +--------------+ | > +--------------+ ROUTING +---------------+ > | DECISION ? | <- controlled by ip route > +-------+------+ > | > +-------+------+ > | nat | > | POSTROUTING | > +-------+------+ > | > +-------+------+ > | TRAFFIC | > | QUEUE | <- controlled by tc > +-------+------+ > | > -----------+----------- > Network > > > After all of us agree the diagram could be published at Stef site (with his > permission, of course) to be have as a reference to people using the list. Where is the routing decision of the local process, before OUTPUT? Or only I see it :) Also, there is a big difference between input and output routing decision, may be this diagram can show it :) > Best regards, > > Leonardo Balliache > leoball@opalsoft.net Regards -- Julian Anastasov _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/