Hello, k-yo@xxxxxxxxxxx a écrit : > > I have a bridge with a single ebtables rule to redirect all > IPv4-containing frames to layer 3 filtering: > > # ebtables -t broute -A BROUTING -p IPV4 -j redirect --redirect-target > DROP --log-level notice --log-prefix "br_br_br: " > > then, if I send a frame containing IPv4 from one host to another one > connected on another port of the bridge, I am supposed to get the > destination MAC address to be the one of the bridge port it entered the > bridge if I believe the documentation. > > Or, logging packets with iptables, I see the source MAC address to > become the bridge port address, and the destination MAC address the one > of the host the message came from. > > ---- log on the bridge ----- > > Aug 28 11:15:08 spy kernel: [ 4952.682369] br_br_br: IN=eth0 OUT= MAC > source = 08:00:27:d5:24:36 MAC dest = 08:00:27:17:49:6d proto = 0x0800 > Aug 28 11:15:08 spy kernel: [ 4952.682406] ip_raw_pre: IN=eth0 OUT= > MAC=08:00:27:df:b7:98:08:00:27:d5:24:36:08:00 SRC=192.168.142.103 > ---- ip a on bridge ---- > > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast > master br0 state UP qlen 1000 > link/ether 08:00:27:df:b7:98 brd ff:ff:ff:ff:ff:ff I see nothing wrong here. The value following MAC= is the Ethernet header in network order, i.e. destination:source:protocol. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
