Arptables before Iptables, to route other gateways' IP traffic?
regino_m at hotmail.com
Tue Jun 20 17:56:42 CEST 2006
For a long time I've been thinking about configuring a Hot Spot function in my Linux-based router:
The function is to route traffic to the internet network, OK, but the client wouldn't necessarily have DHCP configured, or the IP range of the router's own local network... in other words, the Hot Spot can easily route traffic to an external network (internet) while the IP config of the client doesn't matter at all, so the router could be 10.0.0.1, and the client could have its gateway configured as 192.168.0.1....
With iptables alone it's impossible to do this, and I've been thinking about configuring virtual interfaces in real time to route, but I think it's almost impossible and too hard for me...
But recently I have had a look at arptables... mmmmmmmmmmm..... it can manage ARP packets and ARP responses, so maybe my router can do this:
0 - A client does not have DHCP activated, and its network is quite different... OK, the client starts networking and asks for the MAC of its statically configured gateway (192.168.0.1)... it's ARP.
1 - Router catches arp traffic.
2 - Router modifies the ARP traffic and mangles the IP of the packet to itself... for example, sets the IP of the ARP packet to 10.0.0.1 (the Linux router itself).
Now my questions:
1 - Will the ARP request be answered with the Linux router's MAC address, so the client may register 192.168.0.1 to <MAC linux router> in its ARP table????
2 - If the previous one is true, I could easily think that the client would send non-local traffic to <MAC linux router>, then IPTABLES IN THE ROUTER MAY FORWARD IT, AND MAYBE NAT IS POSSIBLE??????
3 - I also think NAT is difficult because the Linux router may think 192.168.0.x (the client) is on the external network... can you imagine a way to solve this problem???????
4 - Do you understand anything I said??? ;) ;)
I'm getting mad with this....
Thanks so much!
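
Added example, not part of the original post: a decoder for the ARP request described in steps 0 and 1, showing which fields the router sees and how it can tell that a client is looking for a gateway outside the router's own LAN. The 10.0.0.0/24 prefix, the client address 192.168.0.50, the MAC address and all function names are assumptions; the sample packet is constructed.

```python
import ipaddress
import struct

# Assumption: the router's LAN is 10.0.0.0/24 (the post only gives 10.0.0.1).
ROUTER_NET = ipaddress.ip_network("10.0.0.0/24")

ARP_FMT = "!HHBBH6s4s6s4s"  # RFC 826 layout for Ethernet/IPv4, 28 bytes


def parse_arp(payload: bytes) -> dict:
    """Decode the ARP payload that follows the Ethernet header."""
    if len(payload) < 28:
        raise ValueError("ARP payload too short")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {
        "op": {1: "request", 2: "reply"}.get(oper, f"op{oper}"),
        "sender_mac": sha.hex(":"),
        "sender_ip": ipaddress.ip_address(spa),   # the client itself
        "target_mac": tha.hex(":"),               # zeros in a request
        "target_ip": ipaddress.ip_address(tpa),   # the gateway it looks for
    }


def foreign_gateway_lookup(arp: dict) -> bool:
    """True when a request asks for an address outside the router's LAN."""
    return arp["op"] == "request" and arp["target_ip"] not in ROUTER_NET


def build_sample_request(client_ip: str, wanted_ip: str) -> bytes:
    """Constructed ARP request, standing in for a captured one."""
    return struct.pack(
        ARP_FMT, 1, 0x0800, 6, 4, 1,
        bytes.fromhex("020000000001"),            # constructed client MAC
        ipaddress.ip_address(client_ip).packed,
        bytes(6),
        ipaddress.ip_address(wanted_ip).packed)


if __name__ == "__main__":
    pkt = parse_arp(build_sample_request("192.168.0.50", "192.168.0.1"))
    print(pkt["sender_ip"], "asks who has", pkt["target_ip"],
          "| foreign gateway:", foreign_gateway_lookup(pkt))
```
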