loops occures in a linux bridge and ebtables configuration
 

Hi all,

I'm trying to set up a configuration to analyse the network flow between two interfaces.

What i'm want to do is to listen what is coming on eth0 and forward it to eth1 and listen from eth1 and forward it to eth0.
The only concerned frame are ipv4.

I set up a bridge br0 with eth0 and eth1.
eth0 and eth1 are configured to be promiscuous so accepting all frames available.

I added some ebtables rules to redirect the frames to the userspace using ulog :

ebtables -t broute -A BROUTING -i eth0 -p ipv4 --ulog-nlgroup 1 -j DROP
ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ulog-nlgroup 2 -j DROP

My problem is that frames read (using netlink sockets in the application) from eth0 and written to eth1 appears to loop between the 2 interfaces.

Is there a way to avoid this kind of behavior ?

A solution would be to use 4 interfaces, but I would prefere a software solution.

Any advices ?

Thank you.