RE: transparent tcp proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2003-05-24 at 04:05, George Vieira wrote:
> Hmm. I don't think bridging copies the packets MAC address over. it just copies the packet data with it's source and destination IPs.
> 
> Can I ask what the mac address is used for, or needed for? Is it for some authenticity reasons?

No, I don't need ti used the MAC Address. And actually my 
iptables filter work pretty well. But, with this, 
the MAC address of the source host change for each connection


                     10.0.0.225
                     +--------+
                     |   B    |
   +-----+           |        |          +-----+
   |  A  +-----------[ebtables]----------|  C  |
   +-----+           +--------+          +-----+
   10.0.0.3                             10.0.0.32     


Rappel:
when C send not filtered packet to A, A see the C MAC address with IP
10.0.0.32. when B send filtered TCP/IP packet to A with IP address 
10.0.0.32 A see the B MAC address. This work but it's not acceptable.
the A MAC-IP association table will change setup all the time. 


Michael




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux