Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Tue, Mar 21, 2017 at 01:09:47AM +0100, Linus Lüssing wrote: > On Sun, Mar 19, 2017 at 05:55:06PM +0100, Linus Lüssing wrote: > > On Fri, Mar 17, 2017 at 02:10:44PM +0100, Pablo Neira Ayuso wrote: > > > Wait. > > > > > > May this break local multicast listener that are bound to the bridge > > >

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Sun, Mar 19, 2017 at 05:55:06PM +0100, Linus Lüssing wrote: > On Fri, Mar 17, 2017 at 02:10:44PM +0100, Pablo Neira Ayuso wrote: > > Wait. > > > > May this break local multicast listener that are bound to the bridge > > interface? Assuming the bridge interface got an IP address, and that > >

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 10:16:19PM +0100, Linus Lüssing wrote: > On Wed, Mar 15, 2017 at 07:15:39PM +0100, Pablo Neira Ayuso wrote: > > Could you update ebtables dnat to check if the ethernet address > > matches the one of the input bridge interface, so we mangle the > > ->pkt_type accordingly

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 07:15:39PM +0100, Pablo Neira Ayuso wrote: > Could you update ebtables dnat to check if the ethernet address > matches the one of the input bridge interface, so we mangle the > ->pkt_type accordingly from there, instead of doing this from the > core? Actually, that was the

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 03:27:20PM +0100, Linus Lüssing wrote: > On Wed, Mar 15, 2017 at 11:42:11AM +0100, Pablo Neira Ayuso wrote: > > I'm missing then why redirect is not then just enough for Linus usecase. > > For my usecase, the MAC address is configured by the user from a > Web-UI. It may or

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 11:42:11AM +0100, Pablo Neira Ayuso wrote: > I'm missing then why redirect is not then just enough for Linus usecase. For my usecase, the MAC address is configured by the user from a Web-UI. It may or may not be the one from the bridge device. Besides, found it counter

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

Linus Lüssing wrote: > When trying to redirect bridged frames to the bridge device itself > via the ebtables nat-prerouting chain and the dnat target then this > currently fails: > > The ethernet destination of the frame is dnat'ed to the MAC address of > the bridge

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 11:26:08AM +0100, Florian Westphal wrote: > Linus Lüssing wrote: > > When trying to redirect bridged frames to the bridge device itself > > via the ebtables nat-prerouting chain and the dnat target then this > > currently fails: > > > > The

Re: [Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

On Wed, Mar 15, 2017 at 04:18:11AM +0100, Linus Lüssing wrote: > When trying to redirect bridged frames to the bridge device itself > via the ebtables nat-prerouting chain and the dnat target then this > currently fails: > > The ethernet destination of the frame is dnat'ed to the MAC address of >

[Bridge] [PATCH net] bridge: ebtables: fix reception of frames DNAT-ed to bridge device

When trying to redirect bridged frames to the bridge device itself via the ebtables nat-prerouting chain and the dnat target then this currently fails: The ethernet destination of the frame is dnat'ed to the MAC address of the bridge itself just fine and the correctly altered frame can even be