On Sun, 2007-07-15 at 18:01 +0200, Jan Engelhardt wrote:

On Jul 15 2007 17:38, Balazs Scheidler wrote:

...

On Wed, 2007-07-11 at 14:58 -0600, Cameron Schaus wrote:

...

I am using tproxy to do source IP address transparency on our proxy, and it is working well. I would like to extend the functionality of tproxy to provide source MAC address and VLAN transparency as well. The proxy in question runs as a transparent bridge, so I think that I have to integrate the tproxy framework with ebtables, but I'm not 100% sure how to go about that.

ebtables -t nat -A POSTROUTING -m <some_condition> -j snat --to-source <orig_mac>

Simple :) (you'd still need arpreply, and something like connmark, so that you can properly can figure out orig_mac). This is not so much of a tproxy job IMO.

Yes, but you don't know 'orig_mac', it depends on the incoming connection. For example, you have two clients, each going through a tproxy based proxy. On the outgoing side, each would need to have its original MAC address, and without having to establish a rule for each client. -- Bazsi