* Netfilter and Linux bridge
@ 2002-05-15 15:39 fabrizio.gennari
0 siblings, 0 replies; 3+ messages in thread
From: fabrizio.gennari @ 2002-05-15 15:39 UTC (permalink / raw)
To: netfilter
Hello.
I was wondering whether Netfilter can filter away packets handled by Linux
bridge. If the bridge forwards the packet to another port, the packet
never goes through IP routing, so Netfilter should handle it inside the
bridge.
Also, is it possible to apply rules to packets according to the protocol
type in Ethernet header (h_proto in struct ethhdr)? The man page says it
is possible to apply rules according to source MAC, but says nothing about
Ethernet protocol type.
Fabrizio Gennari
Philips Research Monza
via G.Casati 23, 20052 Monza (MI), Italy
tel. +39 039 2037816, fax +39 039 2037800
^ permalink raw reply [flat|nested] 3+ messages in thread
* Netfilter and Linux bridge
@ 2002-06-13 11:23 fabrizio.gennari
2002-06-24 12:14 ` Michael R. Schwarzbach
0 siblings, 1 reply; 3+ messages in thread
From: fabrizio.gennari @ 2002-06-13 11:23 UTC (permalink / raw)
To: netfilter
I was wondering whether Netfilter can filter away packets handled by Linux
bridge. If the bridge forwards the packet to another port, the packet
never goes through IP routing, so Netfilter should handle it inside the
bridge.
Also, is it possible to apply rules to packets according to the protocol
type in Ethernet header (h_proto in struct ethhdr)? The man page says it
is possible to apply rules according to source MAC, but says nothing about
Ethernet protocol type.
Fabrizio Gennari
Philips Research Monza
via G.Casati 23, 20052 Monza (MI), Italy
tel. +39 039 2037816, fax +39 039 2037800
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Netfilter and Linux bridge
2002-06-13 11:23 Netfilter and Linux bridge fabrizio.gennari
@ 2002-06-24 12:14 ` Michael R. Schwarzbach
0 siblings, 0 replies; 3+ messages in thread
From: Michael R. Schwarzbach @ 2002-06-24 12:14 UTC (permalink / raw)
To: fabrizio.gennari; +Cc: netfilter
[-- Attachment #1: Type: text/plain, Size: 917 bytes --]
Hi,
there is a sourceforge project called bridge, that might interrest you.
It has a development branch called bridge-nf working on iptables-support
for bridges. Have a look at: http://bridge.sourceforge.net/devel/bridge-nf/
Regards
Michael
fabrizio.gennari@philips.com wrote:
> I was wondering whether Netfilter can filter away packets handled by Linux
> bridge. If the bridge forwards the packet to another port, the packet
> never goes through IP routing, so Netfilter should handle it inside the
> bridge.
>
> Also, is it possible to apply rules to packets according to the protocol
> type in Ethernet header (h_proto in struct ethhdr)? The man page says it
> is possible to apply rules according to source MAC, but says nothing about
> Ethernet protocol type.
>
> Fabrizio Gennari
> Philips Research Monza
> via G.Casati 23, 20052 Monza (MI), Italy
> tel. +39 039 2037816, fax +39 039 2037800
>
[-- Attachment #2: Type: application/pgp-signature, Size: 255 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-06-24 12:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-13 11:23 Netfilter and Linux bridge fabrizio.gennari
2002-06-24 12:14 ` Michael R. Schwarzbach
-- strict thread matches above, loose matches on Subject: below --
2002-05-15 15:39 fabrizio.gennari
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox