Pablo Neira Ayuso wrote: > Patrick McHardy wrote: >> Great name. Took me a bit to realize the connection to "multicast" :) > > I thought about mcnugget target, but it seems to be already copyrighted ;) > >> Continuing the idea of a generic ARP address mangling target, >> this would have to be done in userspace using SIOCADDMULTI. >> >> I would also prefer that approach because the multicast mangling >> seems a bit like a hack which only works when the requesting >> host accepts a multicast MAC address in the ARP reply. > > Indeed, I didn't know about SIOCADDMULTI, great. I'll do it like you > have proposed. Thanks. Hey, just to let you know ;). The 'ip' tool already allows adding static multicast MAC addresses via SIOCADDMULTI. The following commands do the trick: ip maddr add 01:00:5e:00:01:01 dev eth1 arptables -I OUTPUT -o eth1 --h-length 6 \ -j mangle --mangle-mac-s 01:00:5e:00:01:01 arptables -I INPUT -i eth1 --h-length 6 --destination-mac \ 01:00:5e:00:01:01 -j mangle --mangle-mac-d $REAL_HWADDR1 Still the PKTTYPE iptables target that I posted is needed to make TCP and friends work in a devide that uses a multicast MAC. -- "Los honestos son inadaptados sociales" -- Les Luthiers -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
