Slavko <linux@xxxxxxxxxx> wrote:
> > This is an input chain. The loopback bypass is restricted
> > to PRE_ROUTING before v6.15-rc1.
>
> That opens another question, as i have in that chain:
>
> chain r_prerouting { # handle 1
> type filter hook input priority raw; policy accept;
> iif "lo" notrack accept comment "no lo conntrack" # handle 15
> ...
> }
>
> Why this notrack works?
It doesn't work.
You either have no conntrack active at all or you have another notrack rule in
output ("lo" is picked up in output, not prerouting).
