Re: Rewrite MAC-adr on outgoing packages?

To: debian-firewall@lists.debian.org
Subject: Re: Rewrite MAC-adr on outgoing packages?
From: Jörn Engel <joern@wohnheim.fh-wedel.de>
Date: Wed, 24 Jan 2001 18:15:23 +0100
Message-id: <[🔎] 20010124181523.B13369@wohnheim.fh-wedel.de>
In-reply-to: <[🔎] 20010124123843.A12497@micropp.se>; from lah@micropp.se on Wed, Jan 24, 2001 at 12:38:43PM +0100
References: <[🔎] 20010123220154.A19902@micropp.se> <[🔎] 20010124103035.A5338@wohnheim.fh-wedel.de> <[🔎] 20010124123843.A12497@micropp.se>

Hi!

> > If you want to change the MAC address of a package without repackaging it,
> > you will have to write the patch yourself. And it is not trivial.
> > You have to change the MAC address of outgoing frames (trivial)
> 
> Yes, I belive this to be trivial. However, as I have no deep understanding 
> of networking and newer browsed any kernel source before, I expect it to 
> be a hard time finding the right spot to implement it ;-)
> 
> > and of incoming ones (tough).
> 
> Do I realy need to do this? And why in that case?

The response will be send back to the source of the original package. Since
your linux box seems to be the source for every package, it will receive
every response. And what do you do with unwanted letters? :)

> > Set you linux box up as a router, thus repackaging all IP packets. With
> > squid and danted (socks) properly configured, the other boxes can access the
> > internet and you have a single firewall for every box.
> 
> Sorry for this newbe level ;-) But what deside if a packege is past thru 
> 'as is' or properly repackaged?

Look for ISO-OSI. An IP package from one computer to another one in the same
subnet will be delivered to layer 2 (ethernet, token ring, ...) on the
source computer. Ethernet will usually add a header with the MAC address of
the destination computer and send it across the wire. The destination
computer will strip it from the ethernet header and deliver it to its IP
stack for further processing.
A package to a computer on a distant subnet will be send to the router in
the described fashion, the router strips the ethernet header, delivers it to
the ip stack, the routing tables will determine the right interface and
destination computer, to the next layer 2 (possibly VGAnylan, ...) and so
on.
Every time, the IP package will receive a new ethernet header and your
cablemodem will only see one MAC address.

> I did belive everything pasing the kernel whas repackaged, but then stuff 
> like ARP must contain the (in my case) 'wrong' MAC-adress somewhere 
> else :-(

I am not very sure about arp-proxy, but a bridge will forward any package
without touching it. 

I hope, this helps.

-- 
A loving atmosphere in your home is the
foundation for you life.

Reply to:

Follow-Ups:
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>

References:
- Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Jörn Engel <joern@wohnheim.fh-wedel.de>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>

Prev by Date: Re: Rewrite MAC-adr on outgoing packages?
Next by Date: RE: UDP Forwarding & Ipchains
Previous by thread: Re: Rewrite MAC-adr on outgoing packages?
Next by thread: Re: Rewrite MAC-adr on outgoing packages?
Index(es):
- Date
- Thread