Patrick McHardy wrote: > Pablo Neira Ayuso wrote: >> This patch adds the PKTTYPE target which can be used to mangle the >> skbuff packet type field. This target is useful in conjunction with >> the arptables mcmangle target to TCP working again when a >> multicast hardware address is used. An example of its use: >> >> iptables -I PREROUTING ! -s 224.0.0.0/4 -t mangle \ >> -j PKTTYPE --to-pkt-type unicast >> >> Given the following arptables rule-set: >> >> arptables -I OUTPUT -o eth0 -j mcmangle --h-length 6 >> \ --mc-mangle-mac 01:00:5e:00:01:01 --mc-mangle-dev eth0 >> arptables -I INPUT --h-length 6 --destination-mac 01:00:5e:00:01:01 >> \ -j mangle --mangle-mac-d 00:zz:yy:xx:5a:27 >> >> See arptables mcmangle target for further information. > > That one refers to this patch :) So you're actually communicating > using TCP and multicast? Why don't you use UDP, which works fine > using multicast without pkttype mangling? If the netdevice uses multicast MAC address, the link layer sets skbuff pkttype to PACKET_MULTICAST and TCP (among others) doesn't like this. This target is required to make TCP work again if a multicast MAC address is used. -- "Los honestos son inadaptados sociales" -- Les Luthiers -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
