[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Re: Source MAC address through bridged connection
From:       Ed W <lists () wildgooses ! com>
Date:       2011-05-21 12:47:38
Message-ID: 4DD7B46A.3020607 () wildgooses ! com
[Download RAW message or body]

On 19/05/2011 17:11, Kelbel Junior wrote:
> Well, being more specific...
> The computer between the clients and the Mikrotik (border gateway) is
> a squid proxy operating in bridge, to intercept all traffic on the
> port 80

Then it's not a bridge because squid intercepts all packets and
generates new packets in response

However, there is an interesting new feature of squid, which was
discussed a couple of days ago, which allow squid to remark packets with
an outgoing firewall mark based on the incoming mark. With some thought
you might be able to leverage this to mark the packets in some way to
indicate they are valid to your next router (vlan tag, mac adjustment,
something else...)

Good luck

Ed W
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]