>>My theory is that the original MAC-address is somehow added to the SKB >>before it reaches the output-part of the RAW-table (which is where I >>hook in), > > Routing is done before rawpost, yes, but before the (traditional) raw table. > (it's in skb->dst) Ok, I assumed that the MAC-header was added at a lower layer, but that was then wrong? For some reason I have always though skb->dst was the IP-adress, I will look into that field. >>because of the sender's mapping between the original >>destination IP and MAC. However, I have not been able to figure this >>out. Also, I looked at the NAT-code, but it seems to "only" change >>IP-address as well. Have I overlooked something or am I correct? > > Most likely RAWS/DNAT should gain another option to also tweak the > MAC daddr, by calling ip_route_output_key to get a new skb->dst. This sounds like a good idea. I will look at the ip_route_output_key, try to write a function for my module and patch it into RAWNAT (unless somebody else does it first). >>Btw, RAWDNAT throws up a couple of errors on my machine, so I have not >>been able to see it it does what I want to do. > > Which errors? > After struggling a bit with the compilation (I had to remove the iptable_rawpost.o ip6table_rawpost.o in Kbuild or the compiler complained that it couldn't find the files), I get this error when I try to use it: kristrev@mylatop:~/src/xtables-addons-1.12$ sudo iptables -A PREROUTING -t raw -p udp -d 192.168.101.14 --dport 9999 -j RAWDNAT --to-destination 192.168.100.250 iptables: Invalid argument -Kristian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
