thr3ads.net - LARTC - RE: Promisc routing [Aug 2004]

If this information is useful, please help other people find it:
Share via:

Sumit Pandya

2004-Aug-28 07:16 UTC

RE: Promisc routing

> From: "Roy" <roy@xxx.lt>
>
> I want to set interface to promisc mode and do all routing with iptables.
> Is it somehow possible? as I see now kernel do not pass everything to
> ipables.
>
> Basicaly I want to ignore ethernet addess and use only ip for routing.
>
> I suppose this may require writting special kernel driver or it
> is possible
> in other way?
	Probably you need only a kernel patched with ebtables/br-nf and use
iptables extensions ROUTE, TTL/ttl, TOS/tos, MARK/mark, multiport, mport,
etc.
	All the best,
-- Sumit

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Bart De Schuymer

2004-Aug-28 09:12 UTC

head link

Re: RE: Promisc routing

On Saturday 28 August 2004 09:16, Sumit Pandya wrote:> > From: "Roy" <roy@xxx.lt>
> >
> > I want to set interface to promisc mode and do all routing with
iptables.
> > Is it somehow possible? as I see now kernel do not pass everything to
> > ipables.
> >
> > Basicaly I want to ignore ethernet addess and use only ip for routing.
> >
> > I suppose this may require writting special kernel driver or it
> > is possible
> > in other way?
>
> 	Probably you need only a kernel patched with ebtables/br-nf and use
> iptables extensions ROUTE, TTL/ttl, TOS/tos, MARK/mark, multiport, mport,
> etc.
See http://ebtables.sourceforge.net/examples.html#easy "Making a
brouter" and
"Using the redirect target".

cheers,
Bart

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Roy

2004-Aug-28 14:13 UTC

head link

Re: RE: Promisc routing

Thanks,

but I I already found iptables promic chain patch.
Probably it will by  a bit simpler to use, and will  less space.
( need this for LinuxAP which ROM is only 1MB)

Probably I will install ebtables on my server.

By default linux aready have about as many limitations as windows.



----- Original Message ----- 
From: "Bart De Schuymer" <bdschuym@pandora.be>
To: "Sumit Pandya" <sumit@elitecore.com>;
<lartc@mailman.ds9a.nl>
Cc: <roy@xxx.lt>
Sent: Saturday, August 28, 2004 12:12 PM
Subject: Re: [LARTC] RE: Promisc routing

> On Saturday 28 August 2004 09:16, Sumit Pandya wrote:
> > > From: ''"''Roy''"''
<roy@xxx.lt>
> > >
> > > I want to set interface to promisc mode and do all routing
> with iptables.
> > > Is it somehow possible? as I see now kernel do not pass
> everything to
> > > ipables.
> > >
> > > Basicaly I want to ignore ethernet addess and use only ip
> for routing.
> > >
> > > I suppose this may require writting special kernel driver
> or it
> > > is possible
> > > in other way?
> >
> > Probably you need only a kernel patched with ebtables/br-nf
> and use
> > iptables extensions ROUTE, TTL/ttl, TOS/tos, MARK/mark,
> multiport, mport,
> > etc.
> 
> See http://ebtables.sourceforge.net/examples.html#easy
''"''Making a
> brouter''"'' and 
> ''"''Using the redirect
target''"''.
> 
> cheers,
> Bart
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> _______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Dmitry Golubev

2004-Aug-30 12:40 UTC

head link

Re: RE: Promisc routing

Still I don''t understand what are you trying to do - promisc mode is
only
useful for bridging/sniffing - just enable ip_forward, and that''s
all...

Dmitry

On Saturday 28 August 2004 17:13, "Roy" <roy@xxx.lt>
wrote:> Thanks,
>
> but I I already found iptables promic chain patch.
> Probably it will by  a bit simpler to use, and will  less space.
> ( need this for LinuxAP which ROM is only 1MB)
>
> Probably I will install ebtables on my server.
>
> By default linux aready have about as many limitations as windows.
>
>
>
> ----- Original Message -----
> From: "Bart De Schuymer" <bdschuym@pandora.be>
> To: "Sumit Pandya" <sumit@elitecore.com>;
<lartc@mailman.ds9a.nl>
> Cc: <roy@xxx.lt>
> Sent: Saturday, August 28, 2004 12:12 PM
> Subject: Re: [LARTC] RE: Promisc routing
>
> > On Saturday 28 August 2004 09:16, Sumit Pandya wrote:
> > > > From:
''"''Roy''"'' <roy@xxx.lt>
> > > >
> > > > I want to set interface to promisc mode and do all routing
> >
> > with iptables.
> >
> > > > Is it somehow possible? as I see now kernel do not pass
> >
> > everything to
> >
> > > > ipables.
> > > >
> > > > Basicaly I want to ignore ethernet addess and use only ip
> >
> > for routing.
> >
> > > > I suppose this may require writting special kernel driver
> >
> > or it
> >
> > > > is possible
> > > > in other way?
> > >
> > > Probably you need only a kernel patched with ebtables/br-nf
> >
> > and use
> >
> > > iptables extensions ROUTE, TTL/ttl, TOS/tos, MARK/mark,
> >
> > multiport, mport,
> >
> > > etc.
> >
> > See http://ebtables.sourceforge.net/examples.html#easy
''"''Making a
> > brouter''"'' and
> > ''"''Using the redirect
target''"''.
> >
> > cheers,
> > Bart
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Roy

2004-Aug-30 17:33 UTC

head link

Re: RE: Promisc routing

I actualy want to make remote wlan sniffing-monitoring device
I will use linuxAP and redirect everything it captures to the main server.
also I can use this to use ap without even associating with it.

On ethernet it is not so much usefull, because of switches.
I dont know it they allow to have same mac on more than one port




----- Original Message ----- 
From: "Dmitry Golubev" <dmitry@mikrotik.com>
To: <lartc@mailman.ds9a.nl>
Sent: Monday, August 30, 2004 3:40 PM
Subject: Re: [LARTC] RE: Promisc routing

> Still I don''t understand what are you trying to do - promisc
> mode is only
> useful for bridging/sniffing - just enable ip_forward, and that''s
all...
>
> Dmitry
>
> On Saturday 28 August 2004 17:13,
''"''Roy''"'' <roy@xxx.lt>
wrote:
> > Thanks,
> >
> > but I I already found iptables promic chain patch.
> > Probably it will by  a bit simpler to use, and will  less
> space.
> > ( need this for LinuxAP which ROM is only 1MB)
> >
> > Probably I will install ebtables on my server.
> >
> > By default linux aready have about as many limitations as
> windows.
> >
> >
> >
> > ----- Original Message -----
> > From: ''"''Bart De
Schuymer''"''
> <bdschuym@pandora.be>
> > To: ''"''Sumit Pandya''"''
<sumit@elitecore.com>;
> <lartc@mailman.ds9a.nl>
> > Cc: <roy@xxx.lt>
> > Sent: Saturday, August 28, 2004 12:12 PM
> > Subject: Re: [LARTC] RE: Promisc routing
> >
> > > On Saturday 28 August 2004 09:16, Sumit Pandya
> wrote:
> > > > > From:
''''"''''Roy''''"''''
> <roy@xxx.lt>
> > > > >
> > > > > I want to set interface to promisc mode and do
> all routing
> > >
> > > with iptables.
> > >
> > > > > Is it somehow possible? as I see now kernel do
> not pass
> > >
> > > everything to
> > >
> > > > > ipables.
> > > > >
> > > > > Basicaly I want to ignore ethernet addess and
> use only ip
> > >
> > > for routing.
> > >
> > > > > I suppose this may require writting special
> kernel driver
> > >
> > > or it
> > >
> > > > > is possible
> > > > > in other way?
> > > >
> > > > Probably you need only a kernel patched with
> ebtables/br-nf
> > >
> > > and use
> > >
> > > > iptables extensions ROUTE, TTL/ttl, TOS/tos,
> MARK/mark,
> > >
> > > multiport, mport,
> > >
> > > > etc.
> > >
> > > See http://ebtables.sourceforge.net/examples.html#easy
''''"''''Making
> a
> > > brouter''''"'''' and
> > > ''''"''''Using the redirect
target''''"''''.
> > >
> > > cheers,
> > > Bart
> > >
> > > _______________________________________________
> > > LARTC mailing list / LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://lartc.org/
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Maybe Matching Threads

Search for more possibly parallel threads

LARTC - Aug 2004 - RE: Promisc routing

RE: Promisc routing

Re: RE: Promisc routing

Re: RE: Promisc routing

Re: RE: Promisc routing

Re: RE: Promisc routing

Maybe Matching Threads