>Hi,
>
> I applied the kernel patches from http://ac2i.tzo.com/bridge_filter/
> to 2.2.10 kernel source to enable IP filtering when bridging.
> It works very well with ACCEPT and DENY. In an attempt to make it
> also work with REJECT (send back a dest unreachable ICMP message)
> I added few lines to handle this case, no success yet.
> The following is the excerpt from the patched net/core/dev.c:
[snip]
Following my own posting.
An idea have just come to my mind.
I could modify the data in the received frame an pass it to bridge code.
By modifying data I mean change the incomming Ethernet interface,
IP-addresses, (MAC addresses?), message type etc. Have to check the
sk_buff struct. This way the br_receive_frame() would do the job, no
need to go to IP-level code.
Any networking wizard having few spare minutes to comment on this one?
Any hints, comments etc. are wellcome.
Regards,
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/