Hi Bart, Dans un message du 04 Nov � 23:43, Bart De Schuymer �crivait : > So, if I were to implement code inside ipt_REJECT.c (for 2.5) that > checks if the packet is being bridged and we are on the NF_IP_FORWARD > hook. And if so, it uses the destination address of the original > packet as the source address of the ICMP message. Would this then be > accepted (if it looks ok)? Ofcourse, this code would only be compiled > if the bridge is enabled.
Something in the patch-o-matic already does that. Look at http://www.netfilter.org/documentation/pomlist/pom-userspace.html#ipt_REJECT-fake-source I guess you would just need to slightly modify it. Regards, -- Guillaume Morin <[EMAIL PROTECTED]> Pastis servi, pastis bu (Patrice) _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
