Hard to give you specifics without a lot more information (and time's scarce, sorry).
Something that helped me understand how netfilter handles packets, and the order the various tables/chains happen, is the documentation for ebtables, specifically: http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html I'd be amazed if it's not possible to masquerade/source-NAT each vlan interface to a unique IP addresses. Between netfilter and ebtables, there's an enormous amount of flexibility. -- Paul Milton Calnek wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > Paul Chambers wrote: > >> Couldn't you use NAT on the vlan interfaces? that way traffic on each >> interface could be mapped to a different IP address as seen by the >> logging machine. >> > > I tried that. It didn't work for me. I don't remember the details just now, > but it had something to do with the order things happen on the linux IP stack. > > If you can suggest a set of commands, I'll try it out. > > Thanks. > - -- > Milton Calnek BSc, A/Slt(Ret.) > [email protected] > 306-717-8737 > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org > > iD8DBQFJd+dhHgnbf2T2QqMRArc9AKCf1tk2gW5XGOM4cCNevVj8QKwV5gCdHKAT > 8OETLsF4Csv6d4/gFVlLtjU= > =23Dv > -----END PGP SIGNATURE----- > > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
