So I am playing around with nftables and I stumbled over the "payload statement", which states that you can alter payload content. So I thaught about trying to change the "ether type protocol" from IPv4 (0x0800) to IEEE 802.1Q (0x8100), meaning it would gain the VLAN-Header. But nothing seems to change. I record my traffic with Wireshark. I tried using the following table:
table ip vtagging {
chain input {
type filter hook input priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
meta l4proto tcp ether type ip ether type set 8021Q
}
}
So I tried alter the ether type for all "TCP-Frames".
Does anyone know how the nftables payload statement works? Can I alter only some small amount of content? Or can I just not alter ether types?
