iptables is not picking tap interface packets

T

tincboy

Renowned Member
Apr 13, 2010
466
6
83
I've used a simple iptables rule to test some idea, but I can see it's not picking any packet on tap interface.
Is that normal?
Code: 
root@node01:~# iptables -I FORWARD -i tap101i0
results:
Code: 
root@node01:~# iptables -L FORWARD -v -n 
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0            all  --  tap101i0 *       0.0.0.0/0            0.0.0.0/0
 
tincboy said:
I've used a simple iptables rule to test some idea, but I can see it's not picking any packet on tap interface.
Is that normal?
Code: 
root@node01:~# iptables -I FORWARD -i tap101i0
results:
Code: 
root@node01:~# iptables -L FORWARD -v -n
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination
    0     0            all  --  tap101i0 *       0.0.0.0/0            0.0.0.0/0
Click to expand...
It fixed by using "-m physicaldev --physdev-in tap101i0" instead of -i, and it's because tap is layer 2 not layer 3
 
You must log in or register to reply here.
Top Bottom