[Dnsmasq-discuss] MAC address resolution of virtual machines

Ashish Sharma pocha.sharma at gmail.com
Mon Aug 29 16:41:25 BST 2016


Hi,

 I have been running Dnsmasq on OpenWrt (an open-source router OS). It also
acts as a DHCP server.

  Once a client connects, I need to whitelist his IP & MAC through iptables
depending on a few criteria. I am able to hack this part out by calling
the appropriate iptables command before the DHCP ACK packets are sent in
the Dnsmasq code.

 The issue with virtual machines connecting in bridged mode is this: while
Dnsmasq resolves their MAC address as the true address, iptables sees the
source MAC of the packets as that of the host.

 Now I have two options - either fiddle with Dnsmasq to see if it could
figure out the host MAC address & eventually use that with the iptables
command, or fiddle with iptables to see if it could identify the virtual
machine packets. I figured changing Dnsmasq would lead to a lower
probability of breaking things, as it would just happen while the client
connects, while packets will keep on coming & going all the time.

 Can someone help me with this? Thanks in advance.

Ashish

P.S. - if someone knows a better way of doing it, I am ready to discard my
work so far & start from scratch.
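
The mismatch described in this message, as an added example that is not part of the original post or of dnsmasq: a `--dhcp-script` hook that compares the MAC dnsmasq reports for a lease with the MAC the router's ARP table holds for the same IP, and builds the iptables rule from the one the kernel sees. It assumes the ARP table records the same source MAC that iptables matches on; the chain name `client_allow`, the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example, not dnsmasq or OpenWrt code.
# dnsmasq calls a --dhcp-script as: <add|old|del> <mac> <ip> [hostname]
ARP_TABLE="${ARP_TABLE:-/proc/net/arp}"
CHAIN="${CHAIN:-client_allow}"   # hypothetical chain name

# Constructed sample in /proc/net/arp layout: a host (.23) and a bridged VM
# (.50) both appear with the host's MAC; .99 is an incomplete entry.
sample_arp_table() {
    cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.23     0x1         0x2         a4:5e:60:11:22:33     *        br-lan
192.168.1.50     0x1         0x2         a4:5e:60:11:22:33     *        br-lan
192.168.1.99     0x1         0x0         00:00:00:00:00:00     *        br-lan
EOF
}

# Print the MAC the kernel holds for IP $1; fail if absent or incomplete.
l2_mac_for_ip() {
    awk -v ip="$1" '
        NR > 1 && $1 == ip && $3 != "0x0" { print tolower($4); found = 1; exit }
        END { exit !found }
    ' "$ARP_TABLE"
}

# Choose the MAC to filter on for DHCP MAC $1 and leased IP $2.
# Prints "<mac> <match|mismatch|unresolved>".
filter_mac() {
    dhcp_mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    if seen=$(l2_mac_for_ip "$2"); then
        if [ "$seen" = "$dhcp_mac" ]; then
            echo "$dhcp_mac match"
        else
            echo "$seen mismatch"      # bridged VM: frames carry the host MAC
        fi
    else
        echo "$dhcp_mac unresolved"    # no ARP entry yet; fall back to DHCP MAC
    fi
}

# Print (not execute) the allow rule, so it can be reviewed or logged first.
allow_rule() {
    ip="$2"
    mac=$(filter_mac "$1" "$ip" | cut -d' ' -f1)
    echo "iptables -A $CHAIN -s $ip -m mac --mac-source $mac -j ACCEPT"
}

case "${1:-}" in add|old) allow_rule "$2" "$3" ;; esac
```

A rule keyed on the host's MAC also matches the host itself and any other VM bridged behind it, which is why the rule keeps the `-s` source-IP match alongside `--mac-source`.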