Thomas Glanzmann schreef op 30/11/2013 9:54:
I found one other reference which confirms this problem.
http://serverfault.com/questions/518254/linux-container-bridge-filters-arp-reply
The author answered his own question stating it was an issue in his
network :-)
Also I wonder what else than source natting broadcast request we could
do to fight the symptoms? For example I would like to drop all packets
with the source mac address from 00:50:56:98:12:ed which are comming in
via eth1. I tried this using ebtables, arptables and iptables but did
not get the syntax right. Has someone, something I could try?
ebtables -t nat -A PREROUTING -s 00:50:56:98:12:ed -i eth1 -j DROP
Use PREROUTING so that the Linux bridge fdb isn't updated. A better
solution is probably to fix your network.
cheers,
Bart
