[tproxy] TProxy version 4.0.0 released
Jan Engelhardt
jengelh at computergmbh.de
Fri Aug 3 09:49:44 CEST 2007
On Aug 2 2007 16:56, Cameron Schaus wrote:
>Jan Engelhardt wrote:
>> Your bridge sends a packet with a foreign address. So the
>> ISP router will ask "arp who-has .34.99", and a client responds with
>> ".34.99 at MAC macof3499". Then the router will send whatever IPv4
>> packet it wanted to send -- to macof3499, NOT to macofbridge.
>
>I agree with the above statements. However, for my testing, I added a
>static arp entry
Well, _where_ did you add this entry? It must be added to .34.1,
not .34.2 and not .34.99. And that raises problems, for example:
- .34.1 is not under your control and/or has no way to add ARP entries
(like most routers which only have a web interface)
- there is more than just .34.1, for example if
br0[eth0+eth1] were the combined .34.0/24 (no router so to speak),
then you would have to add ARP for all machines on all machines (yikes!)
> of the foreign IP address (.34.99, from your example)
>with the MAC address of my bridge. So the packet should arrive at the
>bridge with the dest MAC set to the bridge's MAC address.
>
>It sounds like this should be enough to cause the packet to be sent
>back up the stack to my test code. But what I see is that my bridge
>ends up sending out arp requests for the foreign IP address (.34.9).
>So this is not the expected behaviour?
Jan
--
More information about the tproxy
mailing list