I spent a lot of time today trying to figure out how to do this, but I could not find a solution. In my mind it should be possible. I'm trying to set up the following setup:
[Image: setup overview]
Reading the tap1 interface and forwarding to enp0s3 using Go should work without any problems... I hope. If I do a ping 10.0.0.10 -I tap1, I can see the ether frames in the Go application. (I currently use https://github.com/songgao/water but I will probably migrate to https://github.com/mdlayher/packet if I get this to work.)
The problem I have is forwarding the ether frames from enp0s8 to the tap1 interface. I have tried multiple commands but it does not work. I tried using iptables:
iptables -A FORWARD -i enp0s8 -o tap1 -j ACCEPT
and similar commands.
I then found this question: Tap0 not receiving traffic where Sherwood Wang said the following:
If you want to force tap0 to receive its own IP packets, you may use ebtables. When packets are DROPed in the ethernet layer of tap0 at broute table, these packets go into the IP layer of tap0 instead of eth0. See also: http://ebtables.sourceforge.net/examples/real.html#example1
That sounds like exactly what I need. I think I found the command he means here: https://ebtables.netfilter.org/examples/basic.html#ex_brouter
ebtables -t broute -A BROUTING -p ipv4 -i tap1 --ip-dst 172.16.1.1 -j DROP
However, I get the following error: ebtables: No chain/target/match by that name. If I look at man ebtables I don't see the broute table mentioned. I do see it here though: https://linux.die.net/man/8/ebtables. So am I missing something?
I also tried ebtables -A FORWARD -i enp0s8 -o tap1 -j ACCEPT from https://www.linuxquestions.org/questions/linux-networking-3/ebtables-to-setup-forwarding-and-ethernet-level-nat-4175538316/ but that doesn't work either.