I want to be able to redirect all traffic which has a specific destination IP (say 192.168.168.192), passing through a software bridge on Linux (br1), to localhost.
As far as I understood, I need to do something like:
ebtables -t broute -A BROUTING -p IPv4 --ip-dst 192.168.168.192 -j redirect --redirect-target DROP
and then DNAT-ing/SNAT-ing via iptables.
The problem is that the device on which I am trying to configure it seems to not support the -j redirect part. Is there any way (without recompiling the kernel) to do the same with the help of iptables/ebtables? For example doing:
ebtables -t broute -A BROUTING -p IPv4 --ip-dst 192.168.168.192 -j DROP
And then do some iptables magic?
Just read the description of the redirect target in man ebtables. For BROUTING you can replace the redirect target with multiple dnat targets that will specify the incoming bridge port's MAC (so one rule per bridge port). Hope this helps. I'm not sure about the overall method though, but I don't have much experience on this. – A.B – 2018-04-28T19:15:45.420

Thanks for the tip, I think I'll try to look into DNAT-ing. That's actually good enough for me as I need to redirect only packets from one bridge port. – Evengard – 2018-04-30T01:03:15.843
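
The per-port dnat rules suggested in the comment above, written out as an added example that is not part of the original thread. It only prints the ebtables commands for review, and it assumes the bridge ports are listed under /sys/class/net/br1/brif and that the device's ebtables build has the dnat target; the function names and the SYSFS_NET variable are hypothetical.

```shell
#!/bin/sh
# Added example: dry-run generator for per-port dnat rules (prints, never applies).
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"   # overridable, so the logic can be tested

# build_rule PORT MAC DST_IP
# Frames for DST_IP arriving on PORT get their destination MAC rewritten to
# PORT's own MAC; DROP in BROUTING then routes the frame instead of bridging it.
build_rule() {
    printf 'ebtables -t broute -A BROUTING -i %s -p IPv4 --ip-dst %s' "$1" "$3"
    printf ' -j dnat --to-destination %s --dnat-target DROP\n' "$2"
}

# emit_rules BRIDGE DST_IP: one rule per port listed under BRIDGE/brif in sysfs.
emit_rules() {
    bridge=$1
    dst=$2
    for entry in "$SYSFS_NET/$bridge/brif"/*; do
        [ -e "$entry" ] || continue              # no such bridge, or no ports
        port=${entry##*/}
        # Skip names that would be unsafe if the output is later fed to a shell.
        case $port in *[!A-Za-z0-9_.-]*) continue ;; esac
        [ -r "$SYSFS_NET/$port/address" ] || continue
        mac=$(cat "$SYSFS_NET/$port/address")
        # Skip anything that is not a well-formed MAC address.
        printf '%s' "$mac" | grep -Eqi '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || continue
        build_rule "$port" "$mac" "$dst"
    done
}

# Bridge name and address are the ones from the question.
emit_rules "${1:-br1}" "${2:-192.168.168.192}"
```

Each printed line carries the -i match for one port, so when only one bridge port needs redirecting, that port's line is the only rule to apply.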