Hello,
I have a bridge with a single ebtables rule to redirect all
IPv4-containing frames to layer 3 filtering:
# ebtables -t broute -A BROUTING -p IPV4 -j redirect --redirect-target DROP --log-level notice --log-prefix "br_br_br: "
Then, if I send a frame containing IPv4 from one host to another one
connected on another port of the bridge, I am supposed to get the
destination MAC address to be the one of the bridge port it entered the
bridge on, if I believe the documentation.
However, logging packets with iptables, I see the source MAC address
become the bridge port address, and the destination MAC address the one
of the host the message came from.
I am lost on this issue; it does not make sense to me and I wonder where I
failed…
Thanks a lot for any help, see below for details.
---- log on the bridge -----
Aug 28 11:15:08 spy kernel: [ 4952.682369] br_br_br: IN=eth0 OUT= MAC source = 08:00:27:d5:24:36 MAC dest = 08:00:27:17:49:6d proto = 0x0800
Aug 28 11:15:08 spy kernel: [ 4952.682406] ip_raw_pre: IN=eth0 OUT= MAC=08:00:27:df:b7:98:08:00:27:d5:24:36:08:00 SRC=192.168.142.103 DST=192.168.142.254 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 PROTO=TCP SPT=20 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Aug 28 11:15:08 spy kernel: [ 4952.682443] ip_man_pre: IN=eth0 OUT= MAC=08:00:27:df:b7:98:08:00:27:d5:24:36:08:00 SRC=192.168.142.103 DST=192.168.142.254 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 PROTO=TCP SPT=20 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Aug 28 11:15:08 spy kernel: [ 4952.682464] ip_nat_pre: IN=eth0 OUT= MAC=08:00:27:df:b7:98:08:00:27:d5:24:36:08:00 SRC=192.168.142.103 DST=192.168.142.254 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 PROTO=TCP SPT=20 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
---- ip a on bridge ----
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
    link/ether 08:00:27:df:b7:98 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
    link/ether 08:00:27:d8:32:61 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether 08:00:27:d8:32:61 brd ff:ff:ff:ff:ff:ff
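
An added example, not part of the original message: the iptables LOG target prints MAC= as the raw 14-byte Ethernet header, that is destination address, source address, then EtherType, so the field can be split as below and compared with the bridge port addresses. The function names are made up for this sketch; the sample line and port addresses are copied from the log and `ip a` output above.

```python
import re

# Sample input: the ip_raw_pre line and the port addresses quoted in the message.
SAMPLE = ("Aug 28 11:15:08 spy kernel: [ 4952.682406] ip_raw_pre: IN=eth0 OUT= "
          "MAC=08:00:27:df:b7:98:08:00:27:d5:24:36:08:00 SRC=192.168.142.103 "
          "DST=192.168.142.254 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 PROTO=TCP "
          "SPT=20 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0")
PORT_MACS = {"eth0": "08:00:27:df:b7:98", "eth1": "08:00:27:d8:32:61"}

# MAC= may be empty (no link-layer header logged), hence the optional group.
MAC_FIELD = re.compile(r"\bMAC=((?:[0-9a-f]{2}:)*[0-9a-f]{2})?(?=\s|$)", re.I)
IN_FIELD = re.compile(r"\bIN=(\S*)")


def parse_link_header(line):
    """Split the MAC= field of an iptables LOG line into dst, src, EtherType."""
    m = MAC_FIELD.search(line)
    if not m or not m.group(1):
        return None  # no MAC= field at all, or an empty one
    octets = m.group(1).lower().split(":")
    if len(octets) != 14:
        return None  # not a plain Ethernet header (6 + 6 + 2 bytes)
    iface = IN_FIELD.search(line)
    return {
        "in": iface.group(1) if iface else "",
        "dst": ":".join(octets[0:6]),      # first 6 bytes: destination MAC
        "src": ":".join(octets[6:12]),     # next 6 bytes: source MAC
        "ethertype": "0x" + "".join(octets[12:14]),
    }


def dst_is_ingress_port(parsed, port_macs):
    """True when the destination MAC is the address of the port in IN=."""
    return parsed is not None and port_macs.get(parsed["in"]) == parsed["dst"]


if __name__ == "__main__":
    hdr = parse_link_header(SAMPLE)
    print(hdr, dst_is_ingress_port(hdr, PORT_MACS))
```

On the sample line this yields destination 08:00:27:df:b7:98 (the eth0 address) and source 08:00:27:d5:24:36.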