Le lun 26/05/2003 à 10:45, Michael Stilmant a écrit : > Rappel: > when C send not filtered packet to A, A see the C MAC address with IP > 10.0.0.32. when B send filtered TCP/IP packet to A with IP address > 10.0.0.32 A see the B MAC address. This work but it's not acceptable. > the A MAC-IP association table will change setup all the time. What about a layer 2 SNAT on OUTPUT chain from B to A for filtered packets ? ebtables can achieve this. -- Cédric Blancher <blancher@xxxxxxxxxxxxxxxxxx> IT systems and networks security - Cartel Sécurité Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
