Is there a filter for Ethernet packets ?

Is there a filter for Ethernet packets ?

[Ching Tai]

Dear Netfilter users,

From looking through the code (mainly just grepping
for "NF_HOOK" in the kernel's net subdirectory), I
find that there seems to be hooks for ipv4, ipv6,
decnet, and bridge.

I'd like to write a filter for all the Ethernet
frames recevied on an Ethernet interface.  I'm
wondering if there is something in Netfilter for
me to use.

I think I can do that with the bridging Netfilter
(where I'd create a fake interface and bridge 
traffic to it, perform filtering on the bridge input,
make the fake interface's transmit function send that
data back into whichever real interface it should go),
but that seems like an overly complicated way to do
a simple filtering.  Also, it opens my code up to
changes in kernel's network device interfacing, etc.

I'd really appreciate it if somebody could help me
with:

1. If Netfilter can filter Ethernet frames, please
let me know which NF_... to use.

2. If Netfilter cannot do it, is there another way
to do what I need.  (Basically, I'd like to examine
each Ethernet frame and decide pass/drop on each one.)

Thank you!
Ching



		
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

Re: Is there a filter for Ethernet packets ?

[raido]

> I'd like to write a filter for all the Ethernet
> frames recevied on an Ethernet interface.  I'm
> wondering if there is something in Netfilter for
> me to use.

I think ebtables (http://ebtables.sourceforge.net/) is for filtering non-ip 
ethernet traffic. Maybe you can get advice from there?

Raido