From mboxrd@z Thu Jan 1 00:00:00 1970 From: Carl-Daniel Hailfinger Date: Tue, 18 Oct 2005 00:03:23 +0000 Subject: [LARTC] Re: [Ebtables-user] brouting on interfaces without IP Message-Id: <43543BCB.7030604@gmx.net> List-Id: References: <1129569944.3394.1.camel@localhost.localdomain> In-Reply-To: <1129569944.3394.1.camel@localhost.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Bart De Schuymer schrieb: > Op do, 13-10-2005 te 23:55 +0200, schreef Carl-Daniel Hailfinger: > >> However, once I insert the ebtables rule to actually do the >> redirection, all packets I want to redirect get dropped. This >> happens regardless of where I try to broute the packets. I tried >> DROPping them in BROUTING, REDIRECTing them in PREROUTING, DNATing >> them to the MAC of eth0 in PREROUTING, but each time the packets >> never leave eth0. >> [...] >> bridge:~ # ebtables -t nat -L --Lx >> ebtables -t nat -N ifacefilter-int ebtables -t nat -N proxy >> ebtables -t nat -A PREROUTING -i bridgeint -j ifacefilter-int >> ebtables -t nat -A ifacefilter-int -p IPv4 --ip-src 192.168.0.0/24 >> --ip-proto tcp --ip-dport 80 -j proxy >> ebtables -t nat -A proxy -j mark --set-mark 0x1 --mark-target >> CONTINUE > >> ebtables -t nat -A proxy -j dnat --to-dst 00:11:22:33:44:55 >> --dnat-target ACCEPT > > > Make this 00:01:02:03:04:05, or just use -j redirect Sorry if I was unclear, but -j redirect doesn't work. Same for --to-dst 00:01:02:03:04:05. That's why I tried to use the MAC of eth0 in --to-dst. Regards, Carl-Daniel _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc