Hi, Tell me if I understand this right. For a packet that is not for local host, but comes in on one interface and goes out on another; Will that packet traverse PREROTING, FORWARD and POSTROUTING on _both_ underface, or will that packet traverse PREROTING, FORWARD and POSTROUTING only once, where PREROTING is when a packet "is in" the incoming physical interface, and is in FORWARD and POSTROUTING when the packet "is in" the outgoing interfave? regards, Kjell
On Friday 28 March 2003 06:14, Kjell Chris Flor wrote: > Hi, > > Tell me if I understand this right. > > For a packet that is not for local host, > but comes in on one interface and goes > out on another; > > Will that packet traverse PREROTING, FORWARD and POSTROUTING > on _both_ underface, or > > will that packet traverse PREROTING, FORWARD and POSTROUTING > only once, where PREROTING is when a packet "is in" the incoming > physical interface, and is in FORWARD and POSTROUTING when > the packet "is in" the outgoing interfave? Maybe this can help : http://www.docum.org/stef.coene/qos/kptd/ Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 28 March 2003 07:14, Kjell Chris Flor wrote:
> Hi,
>
> Tell me if I understand this right.
>
> For a packet that is not for local host,
> but comes in on one interface and goes
> out on another;
>
> Will that packet traverse PREROTING, FORWARD and POSTROUTING
> on _both_ underface, or
>
> will that packet traverse PREROTING, FORWARD and POSTROUTING
> only once, where PREROTING is when a packet "is in" the incoming
> physical interface, and is in FORWARD and POSTROUTING when
> the packet "is in" the outgoing interfave?
I believe this ASCII to be correct, but I'm not certain so a verification f=
rom=20
someone would be appreciated.=20
-------- -------------------
| Device | | Local application |
---|---- -----|-------------
| |
V |
| |
___|_______________ ___|_______________
/ \ / \
| Connection Tracking | | Connection Tracking |
| | | | | |
| mangle/PREROUTING | | mangle/OUTPUT |
| | | | | |
| nat/PREROUTING | | nat/OUTPUT |
| | | | |
| | | filter/OUTPUT |
\___ _______________/ \___ _______________/
| |
| |
| V=20
| |
| ----|----
V | Routing |
| ----|----
| |
| V
| ______________ |
---|----- / \ |
| Routing |--->-----| filter/FORWARD |---
---|----- \______________/ | =20
| | =20
V V =20
| | =20
___|_________________ ________|__________
/ \ / \=20
| filter/INPUT | | nat/POSTROUTING |
| | | | | |
| Connection Tracking | | Connection Tracking |
\___ _________________/ \________ __________/
| |
| |
V V
| |
| |
----|--------------- --------
| Local application | | Device |
-------------------- --------
=2D --Erik
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+hHxZds9m9uhAobARArrzAJ93Ia6VFxiS8Cx92+M/nfvBxVucpwCeJByZ
kvCpV+lKDHmSCBIi5rutlig=3D
=3DQSJn
=2D----END PGP SIGNATURE-----