Xen project Mailing List

I'm not sure how you would generically intercept and modify packets short of writing a module for netfilter. But if you are looking specifically to encrypt in tunnel packets to another location I would recommend OpenVPN.

Xen bridges are just Linux bridge interfaces, and so can be used to bridge any networking devices. For example you could run OpenVPN and create a tap0 device for the VPN, then add that device to xenbr0. Now when you connect an OpenVPN client to that host, all traffic on the xenbr0 bridge will be mirrored to tap0, which will then be present on tap0 on the other side of the VPN link.

I would suggest thought that you try to accomplish your task at layer-3 since IMHO routing is simpler in implementation than bridging over a VPN.

Can you provide more details on what it is you're trying to do?

----- Original Message -----
From: "nikki-2009" <n.kawaguti@xxxxxxxxx>
To: xen-users@xxxxxxxxxxxxxxxxxxx
Sent: Saturday, June 27, 2009 10:28:12 AM GMT -06:00 US/Canada Central
Subject: [Xen-users] Packet modification on Xen virutal Bridge

Hi guys,

Now, I'm looking for a method to modify packet headers/contents when they
arrive at xen bridges (e.g. xenbr0). For example, I consider a following
operation; when a xen bridge recieves a packet(frame), it firstly encrypts
the content using a predefined key, and then forwards it to other
host/router.

Is is possible to add such functionality to the xen bridge ?
Any ideas, comments or suggestions are welcome.

Thanks in advance.

--
View this message in context: http://www.nabble.com/Packet-modification-on-Xen-virutal-Bridge-tp24234052p24234052.html
Sent from the Xen - User mailing list archive at Nabble.com.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Re: [Xen-users] Packet modification on Xen virutal Bridge