lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 07 Sep 2009 22:16:08 -0400 From: jamal <hadi@...erus.ca> To: Xiaofei Wu <xiaofei_wu08@...oo.com> Cc: linux netdev <netdev@...r.kernel.org> Subject: Re: [iproute2] tc action mirred question On Mon, 2009-09-07 at 09:05 -0700, Xiaofei Wu wrote: > (1) Could I use pedit action to modify the dst MAC, so the destination node D will accept it, > then forward it to node C? Yes, you can achieve it with pedit; > (or use other tools to modify the dst MAC, please give me more information) > it is as usable as u32 is - you have to know your offsets example, here's something done on an incoming packet: =-= #Note: #dst MAC starts at -14 #src MAC at -8 #ethertype at -2 # tc filter add dev eth1 parent ffff: protocol ip prio 10 u32 \ match ip src 192.168.2.11/32 flowid 1:2 \ action pedit munge offset -14 u16 set 0x0000 \ munge offset -12 u32 set 0x00000200 \ munge offset -8 u32 set 0x0aaf0100 \ munge offset -4 u32 set 0x0008eb06 pipe \ action mirred egress redirect dev eth0 ---- > (2) If I use 'ifconfig wlan0 promisc ... ' on node D, would it route the mirroring packets > (the dst MAC is incorrect) > to node C? It may work. Go and try running some experiments. cheers, jamal -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists