1
I want to be able to redirect all traffic which have a specific destination IP (say 192.168.168.192), passing through a software bridge on Linux (br1), to localhost.
As far as I understood I need to do something like:
ebtables -t broute -A BROUTING -p IPv4 --ip-dst 192.168.168.192 -j redirect --redirect-target DROP
and then DNAT-ing/SNAT-ing via iptables.
The problem is that the device on which I am trying to configure it seems to not support the -j redirect part. Is there any way (without recompiling the kernel) to do the same with help of iptables/ebtables? For example doing:
ebtables -t broute -A BROUTING -p IPv4 --ip-dst 192.168.168.192 -j DROP
And then do some iptables magic?
Evengard
Posted 2018-04-27T07:48:18.380
Reputation: 1 500
2Just read the description of the
redirecttarget inman ebtables. For BROUTING you can replace theredirecttarget with multiplednattargets that will specify the incoming bridge port's MAC (so one rule per bridge port ). Hope this helps. I'm not sure about the overall method though, but I don't have much experience on this. – A.B – 2018-04-28T19:15:45.420Thanks for the tip, I think I'll try to look into DNAT-ing. That's actually good enough for me as I need to redirect only packets from one bridge port. – Evengard – 2018-04-30T01:03:15.843