|
Is it possible to set up an Ethernet-bridge-netfilter so that it doesn’t have an IP address except localhost 127.0.0.1 or a non routable address such as 192.168.xx.xx and use the netfilter iptables or ebtables target REDIRECT to “intercept” connections to port 22 and handle them on the bridge device itself and transparent pass all other traffic across the bridge.
I was thinking that I could use the REDIRECT target to redirect port 22 with the dest ip address getting rewritten to 127.0.0.1 or even a 192.168 address coming in on one interface and then have the bridge respond and have it rewrite the source address on the outbound side to the original dest addr.
This way I could plug in this transparent bridge without having to configure or know the ipaddress of the external router or the ipaddress of the machine on the internal lan and still be able to intercept certain ports/services.
Thanks, Geoff
|
