Patrick McHardy wrote: > Patrick McHardy wrote: >> Bart De Schuymer wrote: >>> Patrick McHardy schreef: >>>> Yes, we need to save it at some point. My idea was that we might be able >>>> to save it in PREROUTING instead of POSTROUTING and only do >>>> >>>> nskb->nf_bridge = nf_bridge_get(oskb->nf_bridge) >>>> >>>> in ipt_REJECT and probably also the ICMP code. MAC NAT could be handled >>>> by updating the bridge info simultaneously. >>>> >>>> >>> The code creates a new skbuf and the correct source MAC address is lost >>> if you don't attach it to the skbuf at that time. >> That's what I'm doing above. >> >>> How will you know in >>> PREROUTING what SMAC to use if you didn't save it when you created the >>> skbuf? >> I'm not sure I understand what you're getting at. The above >> line of code would do exactly that, attach the nf_bridge >> data from the original packet to the newly created one. >> But for this to work we need to make sure its valid in all >> hooks, hence my suggestion to save it in PREROUTING instead >> of POSTROUTING. > > This patchTo demonstrate the idea Please ignore, hit the wrong key :) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
