* how to filter tagged frames of different vlanid in one bridge?
@ 2003-01-08 1:41 zhengchuanbo
0 siblings, 0 replies; only message in thread
From: zhengchuanbo @ 2003-01-08 1:41 UTC (permalink / raw)
To: netfilter-devel
we use linux as our firewall. the firewall worked at bridge mode. it is connected to the trunk port of the switch. what we want to do is to filter the vlan tagged frames(802.1Q) by ip address.i tried two methods:
1.by ebtables
ebtables can filter 802.1Q protocol. but it can not filter by ip address. it can only filter the ip address when the protocol is IPV4. i wish i could do the job by ebtables.
2.by bridge-nf patch and vconfig
i can filter by ip address to certain tagged frames. i did it like this,
/sbin/vconfig add eth0 2
/sbin/vconfig add eth1 2
ifconfig eth0.2 up
ifconfig eth1.2 up
brctl addbr br0
brctl addif eth0.2
brctl addif eth1.2
after i applied the patch bridge-nf,netfilter works for the vlan frames. the problem is we have many vlans(more than ten). so i have to build a bridge for all the vlans.
so what i want to do is to filter the tagged frames of differen vlans in the same bridge. i can't find a way to do that. is there some solution to that?
thanks in advance. please cc.
regards,
chuanbo zheng
zhengcb@netpower.com.cn
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-01-08 1:41 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-08 1:41 how to filter tagged frames of different vlanid in one bridge? zhengchuanbo
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.