From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ciprian Niculescu Date: Mon, 17 Jun 2002 19:20:14 +0000 Subject: Re: [LARTC] ipchains + mark in output chain ? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org but the diagram is for iptables ipchains, do for ex a pachet that traverse the router: net -> input chain -> routing -> forward chain -> output chain if i remember well and for the iptables see a great picture :-) at : http://people.unix-fu.org/andreasson/iptables-tutorial/images/tables_traverse.jpg C Julian Anastasov wrote: > Hello, > > On Mon, 17 Jun 2002, Leonardo Balliache wrote: > > >>This diagram, subject to discusion and improvement for more experimented >>people in the list to be depurated, can help to clarify things: >> >> >> Network >> -----------+----------- >> | >> +-------+------+ >> | mangle | >> | PREROUTING | >> +-------+------+ >> | >> +-------+------+ Policy rule database >> | PRDB | <- controlled by ip rule >> +-------+------+ >> | >> +-------+------+ >> | nat | >> | PREROUTING | >> +-------+------+ >> | >> packet is for +-------+------+ packet is for >> this address | ROUTING | another address >> +--------------+ DECISION ? +---------------+ >> | +--------------+ | >> +-------+------+ | >> | filter | | >> | INPUT | | >> +-------+------+ | >> | | >> +-------+------+ | >> | Local | | >> | Process | | >> +-------+------+ | >> > > > ROUTING > > > >> | | >> +-------+------+ +------+------+ >> | mangle | | filter | >> | OUTPUT | | FORWARD | >> +-------+------+ +------+------+ >> | | >> +-------+------+ | >> | nat | | >> | OUTPUT | | >> +-------+------+ | >> | | >> +-------+------+ | >> | filter | | >> | OUTPUT | | >> +-------+------+ | >> | +--------------+ | >> +--------------+ ROUTING +---------------+ >> | DECISION ? | <- controlled by ip route >> +-------+------+ >> | >> +-------+------+ >> | nat | >> | POSTROUTING | >> +-------+------+ >> | >> +-------+------+ >> | TRAFFIC | >> | QUEUE | <- controlled by tc >> +-------+------+ >> | >> -----------+----------- >> Network >> >> >>After all of us agree the diagram could be published at Stef site (with his >>permission, of course) to be have as a reference to people using the list. >> > > Where is the routing decision of the local process, before > OUTPUT? Or only I see it :) Also, there is a big difference between > input and output routing decision, may be this diagram can show it :) > > >>Best regards, >> >>Leonardo Balliache >>leoball@opalsoft.net >> > > Regards > > -- > Julian Anastasov > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/