From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ciprian Niculescu Date: Tue, 18 Jun 2002 07:13:56 +0000 Subject: [LARTC] iptables diagram (ex: ipchains + mark in output chain ?) Message-Id: List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org so you say that are 3 routing decision: - after nat prerouting - after local_process, and before mangle output - before nat postrouting what is the use of the routing decision after local process??? C Julian Anastasov wrote: > Hello, > > On Mon, 17 Jun 2002, Ciprian Niculescu wrote: > > >>aa ok, so why the subject is ipchains? :-) >> > > I'm just replying to the proposed iptables diagram. > > >>>>http://people.unix-fu.org/andreasson/iptables-tutorial/images/tables_traverse.jpg >>>> >>>> >>> Another wrong picture for iptables >>> >> >>why??? >> > > Read my posting again. The routing decision is before > OUTPUT not after OUTPUT. It should be looking something like: > > local process -> output routing -> OUTPUT+output_rerouting(s) -> ... > > Another problem: to what routing decision refers the diagram > after forward? > > The forwarding should be: > > prerouting -> input routing -> forward -> post_routing > > Another bug, this time in the netfilter sources (iptable_mangle.c): > > output_rerouting called from INPUT > > >>C >> > > Regards > > -- > Julian Anastasov > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/