avoid ip forward replaces the source MAC address
John Mahoney
jmahoney at waav.com
Wed Feb 2 14:26:02 EST 2011
On Tue, Feb 1, 2011 at 2:39 PM, John Mahoney <jmahoney at waav.com> wrote:
> On Tue, Feb 1, 2011 at 2:27 PM, Elvis Yoan Tamayo Mollares
> <etmoyares at grm.uci.cu> wrote:
>> hi list, during ip forwarding process, the kernel replace the source MAC
>> address of the package it received with my own MAC address.. My question
>> is: Is there any way to avoid this behavior?
>
> That is what routing does at the ip layer. You may be able to
> accomplish this by bridging the two ports together so that the traffic
> is handled at layer 2.
As a side note, looking at the iptables target:
-m mac --mac-source XX:XX:XX:XX:XX:XX [1]
and the kernel code for that module (net/netfilter/xt_mac.c) it
appears that the src MAC address is saved in the sk_buff and is still
accessible in the PREROUTING, INPUT, and FORWARD chains via
eth_hdr(skb)->h_source.
I do not know if that helps. I guess my point is my first answer was
the logical one, but it may be possible if you think outside the box.
--
John
[1]http://www.faqs.org/docs/iptables/matches.html#TABLE.MACMATCH
More information about the Kernelnewbies
mailing list