Re: [PATCH iptables v2] extensions: libebt_redirect: prevent translation

Phil Sutter <phil@xxxxxx> wrote:
> > ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect
> > nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef \
> >         counter meta pkttype set host ether daddr set meta ibrhwdr accept'
> 
> Now in broute table, ebt_redirect.ko sets the ether daddr of the packet
> to that of the incoming interface, i.e. the bridge port not the bridge
> itself. We'll need an extension for that, too, right?

Yes, but I don't think the broute feature is that relevant given the lack
of requests for support in nftables.  Most want to make the packet
enter the bridge input path and not pretend that the bridge didn't exist
in the first place.

> I guess just
> calling 'redirect' verdict will manipulate the IP header as well which
> we don't want

Can you point me to the code that alters the IP header?  I can't find
anything.



