Bridging selected MACs - Fruhwirth Clemens

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Fruhwirth Clemens <clemens@endorphin.org>
To: netfilter@lists.netfilter.org
Subject: Bridging selected MACs
Date: Thu, 12 May 2005 11:01:34 +0200	[thread overview]
Message-ID: <1115888494.12824.18.camel@ghanima> (raw)

Hi everybody,

I like to ask, if there is way to construct a bridge, but only for two
selected MAC addresses.  This can be achieved by 2 rules,

(Assuming 
MAC0 is on eth0 and 
MAC1 is on eth1)

MAC0 -> (MAC1 or broadcast MAC):      copy ethernet frame to eth1
MAC1 -> (MAC0 or broadcast MAC):      copy ethernet frame to eth0

For this construction, there would be 2 new things needed in netfilter:

1. a --mac-dest rule
2. a simple ethernet frame copy to a designated network device.

These capabilities are not present, and the reason for this -- I presume
-- is the bridge code in net/bridge.  Unfortunately, I have not found a
way to get an operational bridge, as there are no filtering capabilities
in the bridge control interface.  I'm also not sure if I should even aim
for a bridge, because the box is doing NAT between eth0 and eth1.

However, I would be thankful for any insight.

(Please don't ask why I'm trying to construct this strange
configuration. In a nutshell, I have a VOIP box supplied by my ISP that
needs to sit on the external network, and talks to some radius DHCP in
alien languages.  I simply don't want to wire the external network in my
house to separate my DHCP traffic.)
-- 
Fruhwirth Clemens - http://clemens.endorphin.org 
for robots: sp4mtrap@endorphin.org

next             reply	other threads:[~2005-05-12  9:01 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-12  9:01 Fruhwirth Clemens [this message]
2005-05-16  0:22 ` Bridging selected MACs Taylor, Grant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1115888494.12824.18.camel@ghanima \
    --to=clemens@endorphin.org \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox