From mboxrd@z Thu Jan  1 00:00:00 1970
From: Victor Cassar <victorcassar@yahoo.com>
Date: Tue, 08 Apr 2003 20:13:00 +0000
Subject: Re: [LARTC] modifying ethernet header dst mac with ebtables?
Message-Id: <marc-lartc-104983289104396@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-104947553719906@msgid-missing>
In-Reply-To: <marc-lartc-104947553719906@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Julian , Martin

I=B4ve succesfully tested the ebtables experiment
doing dnat and writing specific mac instead of all
FF=B4s to the arp querys

it works fine=20

if some one want see the small cap file is available
at

http://megaserv.homeip.net/arp.cap

regards

and thanks again for your help


--- Julian Anastasov <ja@ssi.bg> wrote:
>=20
> 	Hello,
>=20
> On Fri, 4 Apr 2003, Martin A. Brown wrote:
>=20
> >  : I=B4m working in a briding enviroment and i want
> to be sure that my arp
> >  : requests outgoing a bridge interface will be
> hear by only one specific
> >  : device (because of security reason)
>=20
> 	Victor, what about trying something similar to the
> example
> in the ebtables docs:
>=20
> ebtables -t nat -A PREROUTING -d ff:ff:ff:ff:ff:ff
> -i eth0 -j dnat --to-destination 54:44:33:22:11:00
>=20
> >  : are there any way to re-write the
> ff:ff:ff:ff:ff:ff on this arp request
> >  : so they appears like a unicast?
> >
> > I imagine that Julian will jump in here and reply
> to you, but I thought
> > I'd point you to ip arp, an add-on tool Julian has
> written for iproute2.
> >
> >   http://www.ssi.bg/~ja/#iparp
>=20
> 	iparp can not see these packets (layer 2) but for
> other
> purposes probes can be originated with unicast dst
> MAC in this way:
>=20
> ip arp add table output to 1.2.3.4 lldst
> 00:11:22:33:44:55
>=20
> >  : Do de ip stack understand this "unicast" arp
> request?
>=20
> 	Yes but at MAC level the ARP code cares only for
> unicast/broadcast, no matter the actual dst MAC of
> the received
> packet.
>=20
> Regards
>=20
> --
> Julian Anastasov <ja@ssi.bg>
>=20
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://lartc.org/


__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online, calculators, forms, and more
http://tax.yahoo.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/