Question About the Netfilter
I am now tracing the Linux source code and found one strange thing.
In kernel/net/ipv4/ip_output.c, in function ip_output(), it passes a NULL incoming net_device to the hook functions on Post Routing.
This confuses me: why does the kernel assume that no function will need the incoming net_device for further operation?
In this case, it will make SNAT have no effect in Post Routing if we configure an iptables rule like the one below:
iptables -t nat -I POSTROUTING 1 -i eth0 -s 192.168.1.0/24 -j MASQUERADE
In this case, this rule will never take effect because iptables has no chance to know the incoming interface.
Does anyone know why the kernel did it like that?