why network bridge do not forwarding icmp_redirect package

    I setup a linux box act as a firewall, just use bridge mode. For
    hot-standby reasons, I need the box could forward all icmp_redirect package
    for special ip address. but which make me puzzled so much is it not work at

    as a easy testing, I set up a testing envirenment like:

    PC1( -------------------------- (eth0) LINUX BOX
    just send icmp_redirect package with a tool named sing

    the command like:
    sing -red -gw -dest -S -x
    host -prot tcp -psrc 123 -pdst 123

    and testing with proc files values:
    /proc/sys/net/ipv4/conf/all/accept_redirects 1
    /proc/sys/net/ipv4/conf/all/send_redirects 1
    /proc/sys/net/ipv4/conf/all/secure_redirects 0/1
    /proc/sys/net/ipv4/ip_forward 1
    /proc/sys/net/ipv4/icmp_echo_ignore_all 0
    /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts 0

    but why I could not receive any icmp_redirect package on PC2!??
    (PC1 could ping PC2, that means linux box's network bridge is work fine)

    to make sure with the rules, I clear all firewall rules, and add a

    iptalbes -t mangle -A PREROUTING -p icmp --icmp-type 5 -j ACCEPT

    It shows their will be some redirect package received by box on eth0
    but rules as following:

    iptables -t mangle -A FORWARD -p icmp --icmp-type 5 -j ACCEPT
    iptables -t nat -A PREROUTING -p icmp --icmp-type 5 -j ACCEPT

    gives no package at all!
    it seems like the package is lost just after the mangle PREROUTING chain.

    Anyone PLS help me to make the package bypass the box!
