|
On Wed, Aug 27, 2003 at 01:12:43PM -0400, Joseph Mack wrote:
> Horms wrote:
> >
> >
> > It might be easiest to only move handling of fwmark virtual services to
> > prerouting. But this has the disadvantage that it would produce
> > slightly different behaviour depending on which you used,
>
> argh! let's not go there :-)
argh! I am not even sure what the changes would be at this stage.
Probably some netfilter (packet filtering) chains wouldn't
be traversed and thus rules in there would have no effect.
This could almost certainly be resolved by moving the rules
to a different chain.
Previously broken setups that did not have packets being
treated as local would magically work.
Setups that for some reason really want packets to be
local would stop working. But are there actually any
such setups in practice?
There are probably others but I haven't done much testing
so I am not sure.
--
Horms
|
