iptables rule on INPUT between 2 ethernet cards on the same host
Posted by user1495181 on Server Fault, published 2012-10-09T15:26:50Z
Tags: iptables | linux-networking
I have 2 eth cards on the same host. Both are connected directly with a LAN cable.
I set eth0 with IP 192.168.1.2
I set eth1 with IP 192.168.1.1
I set this rule:
iptables -A INPUT -p tcp -j NFQUEUE --queue-num 0
There are no other rules (I ran iptables -X, -F).
I send a TCP SYN packet (with a C++ program using a raw socket) from 192.168.1.2 to 192.168.1.1.
In Wireshark I see that the packet is received on eth0, but the iptables rule (above) doesn't apply to this packet. When I sent the packet to a remote host and applied this rule on the remote host, it worked correctly.
So, I guess that this is due to the fact that both eth cards exist on the same host. I need to create an iptables INPUT rule for a local eth card (dest and src on the same machine). I need it to simplify testing.
Did I guess the problem correctly? Is there a way to bypass this?
PS - connecting them via a switch didn't help; the rule wasn't applied. Running on Ubuntu.
tcpdump shows the packet:
10:48:42.365002 IP 192.168.1.2.38550 > 192.168.1.1.34298: Flags [S], seq 0, win 5840, length 0
but iptables logging like this shows nothing:
iptables -A INPUT -p tcp -j LOG --log-prefix '*****************'
iptables -A OUTPUT -p tcp -j LOG --log-prefix '#################'
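The following diagnostic script is an added example, not part of the question or of any answer to it. It works from two facts about the Linux stack: a destination address the host itself owns is routed through lo regardless of which NIC carries it (so a packet only crosses eth0/eth1 if the raw socket forces it onto the wire), and reverse-path filtering runs after PREROUTING but before INPUT, so strict rp_filter on the receiving NIC discards a frame whose source address the host also owns as a martian without INPUT ever seeing it. The parsing helpers work on constructed sample lines in the format printed by iproute2's `ip route get`; the `--live` part assumes the interface names and addresses from the question and needs root on the host under test.

```shell
#!/bin/sh
# Added diagnostic helper for "two NICs on one host, INPUT rule never fires".
# Assumptions: Linux with iproute2, sysctl and iptables; interface names
# eth0/eth1 and addresses 192.168.1.1/192.168.1.2 taken from the question.

# Route type of one `ip route get` output line: "local" means the kernel
# delivers via loopback, "unicast" means it leaves on a real interface.
route_type() {
    case "$1" in
        local\ *)     echo local ;;
        broadcast\ *) echo broadcast ;;
        *)            echo unicast ;;
    esac
}

# Device named in one `ip route get` output line ("... dev eth0 ...").
route_dev() {
    printf '%s\n' "$1" | sed -n 's/.* dev \([^ ]*\).*/\1/p'
}

# Meaning of net.ipv4.conf.<if>.rp_filter (0 = off, 1 = strict, 2 = loose).
rp_filter_mode() {
    case "$1" in
        0) echo off ;;
        1) echo strict ;;
        2) echo loose ;;
        *) echo unknown ;;
    esac
}

# Verdict for a frame that arrived on interface $2, given the kernel's route
# for the frame's SOURCE address ($1 = one `ip route get <src>` line) and the
# interface's rp_filter value $3. Strict mode requires the source to be
# reachable through the ingress interface itself; loose/off only require it
# to be reachable at all, which a locally owned address always is.
ingress_verdict() {
    src_dev=$(route_dev "$1")
    if [ "$src_dev" = "$2" ]; then
        echo pass
    elif [ "$(rp_filter_mode "$3")" = strict ]; then
        echo "martian-drop (source reachable via $src_dev, not $2)"
    else
        echo pass
    fi
}

# Commands to run as root on the host from the question.
live_checks() {
    # Where does the kernel say traffic to each address goes? A reply of
    # "local ... dev lo" means delivery is via loopback, not eth0/eth1.
    ip route get 192.168.1.1
    ip route get 192.168.1.2
    # Reverse-path filtering on the NIC that receives the frame.
    sysctl net.ipv4.conf.eth1.rp_filter net.ipv4.conf.all.rp_filter
    # Make martian drops visible in the kernel log.
    sysctl -w net.ipv4.conf.eth1.log_martians=1
    # Log in raw PREROUTING, which runs before the routing decision and
    # before rp_filter, to confirm the frame reaches netfilter at all.
    iptables -t raw -I PREROUTING -i eth1 -p tcp -j LOG --log-prefix 'raw-prerouting: '
}

# Offline demonstration on constructed `ip route get` lines.
demo() {
    dst='local 192.168.1.1 dev lo src 192.168.1.1 uid 0'      # constructed
    src='local 192.168.1.2 dev lo src 192.168.1.2 uid 0'      # constructed
    echo "destination route type: $(route_type "$dst"), dev $(route_dev "$dst")"
    echo "frame on eth1 with rp_filter=1: $(ingress_verdict "$src" eth1 1)"
    echo "frame on eth1 with rp_filter=2: $(ingress_verdict "$src" eth1 2)"
}

demo
if [ "${1:-}" = --live ]; then
    live_checks
fi
```

Run it without arguments to see the offline verdicts; run `sh script.sh --live` as root on the two-NIC host to print the real routing decision and rp_filter setting and to add the raw-table LOG rule. If the raw PREROUTING log line appears while the INPUT log stays empty, the frame is being discarded between the two hooks, and the rp_filter value printed by sysctl tells you whether reverse-path filtering is the reason.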