www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Ebtables support?

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Request a new feature
View previous topic :: View next topic  
Author Message
raspi



Joined: 05 Jul 2008
Posts: 3
Location: Finland
PostPosted: Sat Jul 05, 2008 6:09 pm    Post subject: Ebtables support? Reply with quote
http://ebtables.sourceforge.net/

Quote:
What is ebtables?

The ebtables program is a filtering tool for a bridging firewall. The filtering is focussed on the Link Layer Ethernet frame fields. Apart from filtering, it also gives the ability to alter the Ethernet MAC addresses and implement a brouter.
This website is also a reference for the Linux bridge-nf code, which gives Linux the functionality of a bridging IP/IPv6/ARP firewall, by letting iptables/ip6tables/arptables 'see' the bridged IPv4/IPv6/ARP packets.
Both ebtables and bridge-nf are a part of the standard 2.6 kernel. A patch for the 2.4 stable kernel is maintained here, because enough people keep bugging me when Marcelo releases yet another 2.4 kernel.

_________________
raspi
Back to top
View user's profile Send private message
fadjar340



Joined: 31 Mar 2008
Posts: 30
PostPosted: Sat Dec 06, 2008 1:12 pm    Post subject: Reply with quote
I agree with raspi.
With ebtables we could give our user transparent caching system that could give better internet experiences to user.

Using distributed web caching using zeroshell, configure as sibling could increase web browsing performance. With web caching, bandwidth saving could reach 20%.
Also, the "caching box" can not see by client because using bridge mode.
The security and QoS could be implementing in the bridge mode without add higher latency from layer 3 applications.

Regards,
Fadjar340
Back to top
View user's profile Send private message Send e-mail
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 997
PostPosted: Sat Dec 06, 2008 5:43 pm    Post subject: Reply with quote
Zeroshell can use iptables either for routed or bridged traffic. I do not understand why you want to use ebtables.
Transparent proxy already works in Zeroshell without using ebtables.
In any case the proxy of Zeroshell is not a web cache. It is instead able to scan the web page for Virus.

Regards
Fulvio
Back to top
View user's profile Send private message Send e-mail
pirabakaranm



Joined: 01 Apr 2011
Posts: 1
PostPosted: Fri Apr 01, 2011 5:04 pm    Post subject: Reply with quote
I am trying to block the ARP packets which is bleeding thru my bridge. But I was not able to do it successfully by using iptables. Can anyone tell me how to do that? I would really appreciate the help.

Thanks.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Request a new feature All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group