On Sun, Jul 15, 2007 at 06:01:24PM +0200, Jan Engelhardt wrote:

ebtables -t nat -A POSTROUTING -m <some_condition> -j snat --to-source <orig_mac>

Simple :) (you'd still need arpreply, and something like connmark, so that you can properly can figure out orig_mac). This is not so much of a tproxy job IMO.

That is the effect I want to achieve. But these rules need to be enacted dynamically as each client connects to the proxy. I had hoped to leverage the connection tracking that tproxy was doing in order to ensure the ebtables nat rules had the same lifetime as the associated tcp connection. And, as Balazs suggests, I also need to grab the orig_mac from the client connection to use when setting up such a rule. Cam