From mboxrd@z Thu Jan 1 00:00:00 1970 From: Grant Taylor Date: Tue, 09 Jan 2007 02:28:59 +0000 Subject: Re: [LARTC] Using iptables level7/ipp2p match in a bridge Message-Id: <45A2FDEB.8020706@riverviewtech.net> List-Id: References: <020c01c72ae7$8e9722f0$0100a8c0@newlife> In-Reply-To: <020c01c72ae7$8e9722f0$0100a8c0@newlife> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org On 12/28/06 20:04, Ming-Ching Tiew wrote: > Thank you for a reply which comes in so useful. I would like to get into > a bit more details. Assuming I have already enable the kernel options, > do you mean if I want to mark ipp2p traffic, I will do something like this :- You are welcome. > iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 6 Yes, with "Bridged IP/ARP packets filtering" you can do that. > If I set more options such as "-i eth0 -o eth1" will I be able to capture > the traffic more particularly ? In short yes. "Bridged IP/ARP packets filtering" allows IPTables to see bridged traffic. This means that any filtering you can do with IPTables can now be done on bridged traffic. Grant. . . . _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc