Re: [PATCH bridge-2.6.11] bridge hub_enabled option

On Wed, 30 Mar 2005, Alpt wrote:

On Wed, Mar 30, 2005 at 01:52:10AM +0200, Henrik Nordstrom after a spiritual call wrote  :
~> On Sun, 27 Mar 2005, Alpt wrote:
~>
~> >When hub_enabled is set to 0, the bridge stops to flood_forward the
~> >input traffic and takes only the pkts sent to it.
~>
~> Won't this bite you if the destination MAC has expired from the bridge
~> forwarding table?

why? We are talking of input pkts.

Are you still broadcasting local traffic where the destination MAC is unknown to the bridge?


~> IMHO for this function you should use netfilter to deny forwarding of
~> traffic between the two wlan interfaces, not change the bridge core to
~> behave oddly.

(The wlan0 are the example of the ad-hoc network).
Btw, this implies that the IP addresses of each node are known. The scope of the
patch is to merge x interfaces into one at low level.

Using netfilter does not require IP knowledge. Interfaces are sufficient. You simply create an iptables rule saying traffic coming in on interface X is not allowed to leave on interface Y.


The two can't communicate because the bridge simply doesn't flood forward as a
hub.

And also the router can't communicate to stations who have been silent for a while simply because their entry has now expired from the forwarding table, unless you make the router interface an exception allowing its packets to be broadcasted on all ports.


And as I said earlier, it doesn't prevent the stations from talking to each other should they somehow learn each other's MAC, making it a rather weak security measure.

Regards
Henrik
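
The interface-based netfilter rule suggested in this message, written out as an added example that is not part of the original thread: a shell function that prints (does not apply) iptables rules denying forwarding between every pair of station-facing bridge ports. It assumes bridge-netfilter is handing bridged IP traffic to iptables, uses the `physdev` match because the frames are bridged rather than routed, and the interface names are constructed; a router port is simply left out of the list so it keeps reaching every station.

```shell
#!/bin/sh
# Added example: generate per-interface isolation rules for bridge ports.
# Nothing here runs iptables; the rules are printed for review first.

# Accept only plausible interface names: 1-15 characters (IFNAMSIZ - 1)
# from a conservative character set, so no shell metacharacters or
# option-like strings end up inside a generated rule.
valid_ifname() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# isolation_rules PORT...
# Print one DROP rule for each ordered pair of distinct ports, so traffic
# entering on port X may not leave on port Y. Ports not listed (for
# example the router-facing port) are unaffected.
isolation_rules() {
    for name in "$@"; do
        if ! valid_ifname "$name"; then
            echo "invalid interface name: $name" >&2
            return 1
        fi
    done
    for in_if in "$@"; do
        for out_if in "$@"; do
            if [ "$in_if" != "$out_if" ]; then
                printf 'iptables -A FORWARD -m physdev --physdev-in %s --physdev-out %s -j DROP\n' \
                    "$in_if" "$out_if"
            fi
        done
    done
    return 0
}

# Constructed example: three ad-hoc wireless ports on one bridge.
isolation_rules wlan0 wlan1 wlan2
```

Because the rules match on ports rather than on learned MAC addresses, they keep applying after a forwarding-table entry has expired and the bridge floods the frame.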