[Bridge] Static filtering entries in bridging -- linux 2.4.20kernel

Alex Zeffertt ajz at cambridgebroadband.com
Tue Apr 10 02:17:09 PDT 2007

Majjari Vikram(TLS-ESG), Bangalore wrote:
> Hi all
> I think Static filtering entries are needed in bridging for security
> purposes. I read that we can add static filtering entries in to the
> bridge filtering database. The entry information includes the
> destination MAC address and the port number(other fields as required)so
> that when a packet/frame arrives with the destination mac address that
> was specified in static filtering entry the frame gets bridged/forwarded
> to the interface/port that we have specified in the table(as a static
> filtering entry).

Perhaps what you are looking for is MAC address based vlans.  Consult the
linux-vlan project - the latest code is able to do this.

Use the vlan module to create multiple interfaces layered over eth0 that
filter for the static MAC addresses you're interested in.  Then choose
which bridge to add each interface to, based on the services you wish that
MAC to access.

(BTW, I haven't actually used this code myself.  I submitted the original
patch, but I handed it over to the vlan maintainers and they've added
a lot of functionality and changed the usage.  In short, I can't help with
the details - you'll have to look it up in the linux-vlan documentation.)



Cambridge Broadband appoints telecoms industry veteran John Cronin as chairman <<http://www.cambridgebroadband.com/mi20feb07.htm>

Maxis to upgrade its backhaul network using Cambridge Broadband; Alcatel-Lucent selected to manage entire upgrade project <http://www.cambridgebroadband.com/mi12feb07.htm>

Cambridge Broadband Networks Limited
Registered in England and Wales under company number: 03879840
Registered office: Selwyn House, Cambridge Business Park, Cowley Road, Cambridge CB4 0WZ, UK
This email and any attachments are private and confidential. If you believe you have received this email in error please inform the sender and delete it from your mailbox or any other storage mechanism. Cambridge Broadband Networks Limited cannot accept liability for any statements made which are clearly the individual sender's own and not expressly made on behalf of Cambridge Broadband Networks Limited.

More information about the Bridge mailing list