--mac-dest matching
Stephane Delcroix
stephane at delcroix.org
Wed Sep 15 14:23:56 CEST 2004
Hi,
Indeed, I'm setting up a bridge on a network with multiples gateways.
I need to set up port forwarding different for each gateway => need --
mac-dest.
I can eventually MARK packets with ebtables and filter with iptables
later.
Maybe someone had done this before and give me more informations...
regards,
Stephane
Le mercredi 15 septembre 2004 à 08:02 -0400, Jason Opperisano a écrit :
> On Wed, 2004-09-15 at 05:56, Stephane Delcroix wrote:
> > Hi,
> > for a particular firewall, I need to match packet by mac-dest.
> > I didnt find anything neither in netfilter doc nor in the kernel
> > sources :(
> >
> > Is there a patch or an extension for netfilter to do that?
> >
> > regards,
> >
> > Stephane
>
> on a routing gateway; a destination MAC match is irrelevant, as the
> destination MAC will always be that of the local machine (this pretty
> much applies to a standalone host as well).
>
> destination MAC addresses are only really relevant to switches...
>
> anyways--i'm guessing you're probably trying to setup some sort of
> bridge--in which case, you need "ebtables" which is available at:
>
> http://ebtables.sourceforge.net/
>
> and can match on destination MAC address.
>
> my other guess would be maybe you're looking to match
> broadcasts/multicasts, in which case--the pkttype match may be of some
> interest to you.
>
> -j
>
--
Stephane Delcroix <stephane at delcroix.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : /pipermail/netfilter/attachments/20040915/707e3be2/attachment.bin
More information about the netfilter
mailing list