how do I target a specific machine - not ip address?
Michael P. Brininstool
mikepb at hoplite.org
Tue Dec 12 17:28:41 CET 2006
>I thought about putting the laptop's MAC address in the packet, and
>using mac-source, but I've it seems to MAC address is stripped out over
I think you misunderstand how the mac address is used.
Your data is broken into chunks and wrapped with TCP headers containing port
numbers, these chunks are wrapped in IP headers containing IP addrs. Those
chunks of data are wrapped in ethernet headers containing MAC addrs. The
ethernet headers are only valid on the current LAN segment or collision
domain. As soon as the ethernet wrapped "frame" is received at some device
that speaks ethernet (like a gateway router), the ethernet headers (wrapper)
are removed and discarded. The IP wrapped data will be RE-WRAPPED in
ethernet headers valid for the segment on the other side of the router.
This continues until the data reaches the destination. There is no way to
preserve the MAC address when the destination is not in the same collision
domain unless you want to invent your own tunneling protocol.
More information about the netfilter