Majjari Vikram(TLS-ESG), Bangalore wrote: > > Hi all > > I think Static filtering entries are needed in bridging for security > purposes. I read that we can add static filtering entries in to the > bridge filtering database. The entry information includes the > destination MAC address and the port number(other fields as required)so > that when a packet/frame arrives with the destination mac address that > was specified in static filtering entry the frame gets bridged/forwarded > to the interface/port that we have specified in the table(as a static > filtering entry). > > Perhaps what you are looking for is MAC address based vlans. Consult the linux-vlan project - the latest code is able to do this. Use the vlan module to create multiple interfaces layered over eth0 that filter for the static MAC addresses you're interested in. Then choose which bridge to add each interface to, based on the services you wish that MAC to access. (BTW, I haven't actually used this code myself. I submitted the original patch, but I handed it over to the vlan maintainers and they've added a lot of functionality and changed the usage. In short, I can't help with the details - you'll have to look it up in the linux-vlan documentation.) Alex ------------------------------------------------------------------------------ Cambridge Broadband appoints telecoms industry veteran John Cronin as chairman <<http://www.cambridgebroadband.com/mi20feb07.htm> Maxis to upgrade its backhaul network using Cambridge Broadband; Alcatel-Lucent selected to manage entire upgrade project <http://www.cambridgebroadband.com/mi12feb07.htm> ------------------------------------------------------------------------------ Cambridge Broadband Networks Limited Registered in England and Wales under company number: 03879840 Registered office: Selwyn House, Cambridge Business Park, Cowley Road, Cambridge CB4 0WZ, UK This email and any attachments are private and confidential. If you believe you have received this email in error please inform the sender and delete it from your mailbox or any other storage mechanism. Cambridge Broadband Networks Limited cannot accept liability for any statements made which are clearly the individual sender's own and not expressly made on behalf of Cambridge Broadband Networks Limited. _______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
