Hi, Indeed, I'm setting up a bridge on a network with multiples gateways. I need to set up port forwarding different for each gateway => need -- mac-dest. I can eventually MARK packets with ebtables and filter with iptables later. Maybe someone had done this before and give me more informations... regards, Stephane Le mercredi 15 septembre 2004 à 08:02 -0400, Jason Opperisano a écrit : > On Wed, 2004-09-15 at 05:56, Stephane Delcroix wrote: > > Hi, > > for a particular firewall, I need to match packet by mac-dest. > > I didnt find anything neither in netfilter doc nor in the kernel > > sources :( > > > > Is there a patch or an extension for netfilter to do that? > > > > regards, > > > > Stephane > > on a routing gateway; a destination MAC match is irrelevant, as the > destination MAC will always be that of the local machine (this pretty > much applies to a standalone host as well). > > destination MAC addresses are only really relevant to switches... > > anyways--i'm guessing you're probably trying to setup some sort of > bridge--in which case, you need "ebtables" which is available at: > > http://ebtables.sourceforge.net/ > > and can match on destination MAC address. > > my other guess would be maybe you're looking to match > broadcasts/multicasts, in which case--the pkttype match may be of some > interest to you. > > -j > -- Stephane Delcroix <stephane@xxxxxxxxxxxx>
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
