LinuxQuestions.org


cortj 03-11-2005 01:39 AM

bridging firewall
 
I am going to set up a bridging firewall using a minimal install of FC3. I have a decent idea of setting up the bridge but am worried about the ebtables part of it. I've been to the ebtables site and found the documentation lacking, to say the least. Can someone give me some example ebtables configs with the commands necessary to build the rules?

To clarify let me give an example with iptables.
When I was more of a newbie I would pull my hair out trying to figure out how to open a port with iptables. I would man iptables and my mind would go to jello. I would perform the old iptables --list, see port 80 open, but looking at the list I had no idea how to open port 22. Then when I learned the basic iptables -A INPUT -p tcp --dport 22 -j ACCEPT, I would perform a service iptables restart and wonder why my rule wasn't applied. Finally, after 30 cups of coffee, I found the iptables-save command.

I say all of this to say this: I don't want to go through this process learning ebtables, so any help or GOOD links, please post. Anybody that has been through the fire already with things I need to look out for, please post.


Thanks in advance

peter_robb 03-11-2005 03:48 AM

I've only ever used the documentation off the sourceforge site..
http://ebtables.sourceforge.net/documentation.html
It's quite complete..

There's also this pdf http://www.spenneberg.com/talks/linu...bridgewall.pdf

The basic concept is for ebtables to DROP everything and for the nf-bridge to ALLOW everything.
This passes packets into the netfilter system.
Anything netfilter passes will end up back on the wire.
If ebtables ALLOWs anything, you will get 2 copies of it, one from ebtables and one from netfilter..

