Hello there,

I have been in the process of setting up a Mobile Ad hoc Network (MANET) testbed to research as to how we can improve a routing protocol called AODV. For this purpose, I have chosen the AODV_UU v0.8.1 implementation provided by Uppsala University. My testbed runs Fedora Core 5 having the kernel version 2.6-15. Now, in order to test whether the installed AODV routing protocol works fine, I need a MAC-filtering tool. The reason is that even when the nodes are within each other's range physically, I need a mac-flitering tool in order to make certain nodes filter out each other. With this I can have a multihop operation, and hence, it would be easy for me to check whether the routing protocol works as intended.

Having defined/explained the problem in hand, my question is whether anybody has heard of any such tool being in-built in any standard 2.6.x kernel.

BTW, has anybody come across "ebtables" ? If yes, can you please tell me how I can configure it so that I can filter out at the MAC-level.

Thanks in advance for taking your invaluable time to answer my question.

Best Regards,

Siva

Well, ebtables is one of the correct tools.
iptables has a lot of functionality too.

It requires some patching to be done to iptables & in the 2.4 kernel to get it working. 2.6 kernels already have it.
If you can install the ebtables package, then I'd say your standard kernel has been patched ok.

There's a manual included with the ebtables package and a website dedicated to it's use at http://ebtables.sourceforge.net and the HOWTO is http://ebtables.sourceforge.net/documentation.html#docs

thanks peter for your information

Dear Peter and all,

Initially I tried with iptables to filter-out MAC addresses. The intention is to check whether the installed (AODV) routing protocol works fine. It is obvious that whenever all the nodes (laptops) are within each others' range, then there is no need for a routing protocol. Hence, I wish to use a mac-filtering tool to enable multi-hop routing although the nodes are physically located closed each other. Consider the following set-up, where I wish to open a VoIP session between A & C via B. Note that A,B and C are within each others range.

A ------------------------ B-------------------------C
MAC Addr:00:16:6F:B4:01:91 00:16:6F:B4:17:62 00:16:6F:B4:04:4C
IP Addr : 192.168.20.1 192.168.20.2 192.168.20.3

I used the follwing "iptables" filtering option:

At node A, I typed the following:
$iptables -A INPUT -m mac --mac-source 00:16:6F:B4:04:4C -j DROP

At node B, I didn't type anything as my intention is to use it as a relaying node between A & C.

At node C, I typed the following:
$iptables -A INPUT -m mac --mac-source 00:16:6F:B4:01:91 -j DROP

My understanding is that I filter at the MAC-level, hence I should be A & C should be able to receive packets via B at the IP-layer level. Instead, neither A nor B were able to hear each other. Do you know why it is ?

Now I am trying with ebtables. It is installed in FC5 (kernel version 2.6-15). However, would you please let me know how to configure it as ebtables command does not work.

Please help me.

Cheers

Siva

Lots of routing and kernel filtering reasons for it not to work, eg rp-filter, source routing blocks, netfilter source & dest interfaces are the same, etc..

And the added complication of wireless association to APs..

Hello Peter,

Thanks for your reply. I have managed to solve the problem with the same "iptables" commands at A and C. The reason why it didn't work in my previous attempt was that I forgot to run the AODV daemon.

Now things work.

Cheers

Siva