From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Wed, 3 Dec 2008 11:30:42 -0800 From: Stephen Hemminger Message-ID: <20081203113042.392f078d@extreme> In-Reply-To: <495641228242344@webmail54.yandex.ru> References: <495641228242344@webmail54.yandex.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: [Bridge] ethernet bridging and http header enrichment List-Id: Linux Ethernet Bridging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Ivan Chernyavsky Cc: bridge@lists.linux-foundation.org On Tue, 02 Dec 2008 21:25:44 +0300 Ivan Chernyavsky wrote: > Dear all, > > I have following problem to solve: > > 1. Traffic should go thru my box transparently --- no changes > in IP or MAC addresses. > > 2. Part of that traffic, namely, some web traffic to particular > hosts, should be "enriched" by adding some headers to HTTP > requests. Size of original requests is guaranteed to be > small enough so that header insertion will not make them to grow > above max allowed ethernet frame size. > > I know how to handle (1), and that's why I'm here. But I don't > have much ideas how to perform (2) in that context. > > I was looking to write an 'ebtables' extension, but it seems > that it is impossible to alter the frame size using these (am > I wrong?). Using them together with some userland application > like Squid, from my opinion, would break my condition (1) (again, > am I so wrong??). > > Could you please point me to some documentation or bring an idea > how that could be accomplished? > > Thanks in advance, > Use iptables, and queue?