This is necessary so NAT64 happens after iptables does filtering.
It's also needed so Jool catches local traffic, which is needed by local CLATs.
As an added bonus, it invalidates issue #90. Woot!
Progress so far, summary:
- Issue #33: Done.
- Issue #41: Done.
- Issue #107: Done.
- Issue #111: dhfelix is done, but haven't even started to review.
- Issue #116: EAM done, moved from prerouting done, dummy interface done. Missing (off the top of my head):
- Adapting the global packet processing pipeline for stateless mode.
- Configuration options.
- Review RFC 6145 and updaters.
- Issue #120: Done.
- Issue #121: Not done.
Everything needs testing. There are known bugs with fragmentation.