Pascal Hambourg wrote:
Hello,
sean a écrit :
Daniel Musketa wrote:
AFAIK MAC addresses are used in ethernet to address ethernet frames.
On ip routed ppp0 no ethernet frames arrive.
OK. If that's the case, then the --mac-source target would only work
on a LAN, not over the ethernet.
I guess you mean over the *in*ternet. Ethernet is a LAN technology.
This would mean thatthe --mac-sourse target has very limited use -
only on local LANs.
Indeed, the scope of a MAC address is link local, limited to the LAN.
But there is still a place for a MAC address.
On an IP/PPP link ? No way. A PPP interface has no MAC address, it is
useless. There is a place only in the lines that the LOG target prints
because they have a fixed format.
How can I put one in the packet on the client side? This would allow
me to use it over the internet.
You cannot use MAC addresses over an IP/PPP link. You cannot rely on MAC
addresses over the internet either because this is layer 2 information
that is not routed by definition.
But I don't want to use the MAC address to route anything. I
just want to stick it in the packet so _iptables_ will see it.
The internet routers just look at the ip address, so I
wouldn't think they'd strip out the MAC address, do they?
If not, then if the client inserts a MAC address, couldn't
iptables use it when it finally arrives.
sean
