[Bridge] ebtables PREROUTING -drop

Jan Engelhardt jengelh at medozas.de
Thu Aug 5 04:11:43 PDT 2010


On Thursday 2010-08-05 12:42, ratheesh k wrote:
>>>
>>>What will happen,  if we drop a packet at PREROUTING chain  of ebtables ?
>>
>> Depends on the table you are referring to.
>
>What is the difference between  droppin a Pkt in Brouting chain of
>Broute table and  Drop a Pkt in  nat prerouing chain of ebtables . Or
>are they having same effect ? .

Generally, nat and broute are intended to be a configuration databases 
only, where special semantics to standard verdicts can apply, as it does 
for broute. To avoid confusion, the use of DROP in nat is not 
advised, and iptables checks for such attempts. Ebtables doesn't, but 
then again, it's the 4th-order-stepson of iptables only...
deep down below in source code, DROP just does that - drop.


More information about the Bridge mailing list