* The penny has dropped
@ 2004-09-13 13:34 Steve Comfort
0 siblings, 0 replies; only message in thread
From: Steve Comfort @ 2004-09-13 13:34 UTC (permalink / raw)
To: ebtables-user, netfilter
Hi all,
I have an access point with physical interfaces ath0 (wireless) and ixp1
(ethernet). I set it up to operate as a bridge (br0) with the aforegoing
interfaces being the bridge ports. I'd been racking my brains for a
couple of days trying to figure out why I wasn't dropping any packets
received on interface ath0. (I was trying to limit pings).
Eventually I had an eureka moment, when I realised that the other side
of my connection was PPPoE. So the client side was tunneling directly to
the PPPoE server running on the ethernet side of the access point. Hence
all the pings I was trying to limit were being encapsulated by PPPoE,
and hence no rules were matching. Yes, I can be really stupid at times!
So the question now is whether it is possible to filter out these
"encapsulated" pings, maybe by examining the embedded header within the
PPPoE encapsulation?
Best regards
Steve
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-09-13 13:34 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-09-13 13:34 The penny has dropped Steve Comfort
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.