kernel-janitors@vger.kernel.org
bdschuym@pandora.be
...(relevant recipient email addresses)
Hi, everyone
As we know, the NAT netfilter hook for IP at OUTPUT is called after routing, so we must reroute if the destination or source address is changed by NAT after the hook. That's all right, as the kernel shows us. But I don't see any logic for rerouting after the bridged NAT. If bridge NAT changes a destination or source MAC address, we should do bridge rerouting as the IP layer does.
I have only the 2.6.8 kernel, so I patched against it. The bridge logic in the 2.6.3X kernel source has not changed, though, so it does not matter that the patch is against 2.6.8.
Best wishes
...(email signature)
--- kernel-source-2.6.8/net/bridge/netfilter/ebtable_nat.c 2004-08-14 01:38:09.000000000 -0400
+++ kernel-source-2.6.8/net/bridge/netfilter/ebtable_nat.c 2010-09-25 23:18:13.040825944 -0400
// The above is non-standard; the correct approach would be to make the changes in the git source tree...
@@ -10,6 +10,7 @@
#include <linux/netfilter_bridge/ebtables.h>
#include <linux/module.h>
+#include "../br_private.h"
#define NAT_VALID_HOOKS ((1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_LOCAL_OUT) | /
(1 << NF_BR_POST_ROUTING))
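Review bot: The added `#include "../br_private.h"` makes ebtable_nat.c, which is built with `<linux/module.h>`, depend on the bridge's private header. The bridge functions called through it have to be reachable from this module, so either declare and export them deliberately in a public bridge header, or move the re-lookup into the bridge core and call one exported helper from here.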
@@ -61,6 +62,30 @@
};
static unsigned int
+ebt_nat_dst_local(unsigned int hook, struct sk_buff **pskb, const struct net_device *in
+ , const struct net_device *out, int (*okfn)(struct sk_buff *))
+{
+ struct net_bridge *br = netdev_priv(out);
+ struct net_bridge_fdb_entry *dst;
+ char orig_mac[ETH_ALEN] = {0};
+ unsigned int ret = 0;
+ memcpy(orig_mac, ((**pskb).mac.ethernet)->h_dest, ETH_ALEN * sizeof(unsigned char));
+ ret = ebt_do_table(hook, pskb, in, out, &frame_nat);
+ if (strncmp(((**pskb).mac.ethernet)->h_dest, orig_mac, ETH_ALEN)) {
+ rcu_read_lock();
+ if ((((**pskb).mac.ethernet)->h_dest)[0] & 1)
+ br_flood_deliver(br, *pskb, 0);
+ else if ((dst = __br_fdb_get(br, ((**pskb).mac.ethernet)->h_dest)) != NULL)
+ br_deliver(dst->dst, *pskb);
+ else
+ br_flood_deliver(br, *pskb, 0);
+ rcu_read_unlock();
+ return NF_STOLEN;
+
+ }
+ return ret;
+}
+static unsigned int
ebt_nat_dst(unsigned int hook, struct sk_buff **pskb, const struct net_device *in
, const struct net_device *out, int (*okfn)(struct sk_buff *))
{
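Review bot: `strncmp()` on `h_dest` in the new `ebt_nat_dst_local()` is a string compare and stops at the first zero byte both addresses share, so a MAC that was rewritten only after a 0x00 octet is treated as unchanged; use `memcmp(..., ETH_ALEN)` instead. The verdict in `ret` is also discarded on the changed-MAC path: if `ebt_do_table()` returned NF_DROP the frame is still delivered and NF_STOLEN is returned, so check `ret` before re-delivering. In addition, `netdev_priv(out)` is used as a `struct net_bridge *` with no check that `out` is the bridge device rather than a port, and `orig_mac` should be `unsigned char` to match `h_dest`.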
@@ -76,7 +101,7 @@
static struct nf_hook_ops ebt_ops_nat[] = {
{
- .hook = ebt_nat_dst,
+ .hook = ebt_nat_dst_local,
.owner = THIS_MODULE,
.pf = PF_BRIDGE,
.hooknum = NF_BR_LOCAL_OUT,
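Review bot: Pointing the NF_BR_LOCAL_OUT entry at `ebt_nat_dst_local` means this hook can now return NF_STOLEN after delivering the frame itself, so `okfn` and any hooks that would run after it at NF_BR_LOCAL_OUT are skipped for rewritten frames. That deserves a comment above the entry and a line in the changelog, and it is worth confirming that `br_deliver()` does not itself traverse NF_BR_LOCAL_OUT and re-enter this hook.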