ebtables firewall

vishamr2000 · 04-07-2005, 02:29 AM

Hi to all,

I wanted to know abt the following:

1) do we always have to set up ebtables as a bridge or bridge router to be able to use ebtables commands. Is it possible to have only a normal firewall using ebtables (just like with iptables). It's just that almost all examples I've come across talk abt building only bridges, bridgefirewalls or bridge routers. I just need a confirmation of this.

2) Also, I want to make the packets move from the link layer right after ebtables NAT PREROUTING to iptables. I have not set up my PC as a bridge or bridge router.. I just want to set up a normal firewall that makes use of both ebtables and iptables.

How do i go about it? do i use br-nf code?Does anyone have a sample script where the br-nf code is used? If yes, pls send it to me.

Thx in advance..

Best regards,
Visham Ramsurrun

vishamr2000 · 04-09-2005, 01:34 PM

I'll got the required info from Mr. Ralf Spenneberg (ah!!..great man). So i'll share it with all of you.

>do we always have to set up ebtables as a bridge or bridge router to be able to >use ebtables commands. Is it possible to have only a normal firewall using >ebtables (just like with iptables).

Yes..it's possible to have a layer 2 firewall using ebtables rules alone.

>Also, I want to make the packets move from the link layer right after ebtables >NAT PREROUTING to iptables. I have not set up my PC as a bridge or bridge >router.. I just want to set up a normal firewall that makes use of both ebtables >and iptables.
>How do i go about it? do i use br-nf code?

Yes.. ebtables and iptables rules can both be written in a single script, as we normally do with iptables firewall script.

Regards,
Visham