Masquerading MAC addresses
Nathan Robertson
nathan at robertsonfamily.id.au
Mon Oct 28 23:57:43 UTC 2019
Hi,
I have an interesting issue that I'm hoping that somebody might be able to
point me in the right direction on. Even just a pointer or two, or where to
go ask. I've got a situation where my VPS provider is packet filtering my
traffic based on MAC address, and as a result are dropping my jail traffic
(as FreeBSD bridges traffic from the jail to the network using the jail's
MAC address). I need a way to essentially masquerade the MAC address for
outbound traffic on the host interface to get past the VPS vendors firewall.
Basically, I need vnet jails with IP addresses to use the host adapters MAC
address for outbound connections (think of it as masquerading / NAT of MAC
addresses). On Linux, it looks like ebtables can do it (MAC NAT -
https://ebtables.netfilter.org/documentation/features.html). I can see ipfw
supports packet filtering based on MAC address, but I can't find anything
on packet mangling.
Any idea of where I should look or who I could ask about MAC NAT on FreeBSD?
Thanks for any help provided. This one's really starting to do my head in.
Nathan.
More information about the freebsd-questions
mailing list