[Bridge] ebtables PREROUTING -drop
Alex Bligh
alex at alex.org.uk
Wed Aug 4 07:25:19 PDT 2010
--On 4 August 2010 14:33:10 +0200 Jan Engelhardt <jengelh at medozas.de> wrote:
>>> Did you read http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html and
>>> http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png ?
>>
>> A useful improvement to those would be documenting where libpcap
>> (which does both input and, less well known, output) samples/injects
>> packets. I /think/ sampling is right on the left and injection right
>> on the right.
>
> pcap grabbing and injection is completely outside any of the graphs
> currently floating around.
If by 'outside' you mean 'to the extreme left or extreme right'
that was my conclusion. But the absence of any documentation means
this makes debugging with tcpdump (for instance) harder
because you don't know where you are sampling.
I'm not 100% sure it is completely outside though. For instance,
if you do tcdump on a bridge device (as opposed to the corresponding
physical participant interface), isn't that after ingress ebtales
processing, but before egress? IE is in the graph somewhere.
--
Alex Bligh
More information about the Bridge
mailing list