Bart De Schuymer wrote: > Patrick McHardy schreef: >> Yes, we need to save it at some point. My idea was that we might be able >> to save it in PREROUTING instead of POSTROUTING and only do >> >> nskb->nf_bridge = nf_bridge_get(oskb->nf_bridge) >> >> in ipt_REJECT and probably also the ICMP code. MAC NAT could be handled >> by updating the bridge info simultaneously. >> >> > The code creates a new skbuf and the correct source MAC address is lost > if you don't attach it to the skbuf at that time. That's what I'm doing above. > How will you know in > PREROUTING what SMAC to use if you didn't save it when you created the > skbuf? I'm not sure I understand what you're getting at. The above line of code would do exactly that, attach the nf_bridge data from the original packet to the newly created one. But for this to work we need to make sure its valid in all hooks, hence my suggestion to save it in PREROUTING instead of POSTROUTING. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
