Hello, Here is the new version of ifgroup patches. The interface group value is u_int32_t in net_device which should be enough. Previously it was an int. Usage: ip link set eth0 group 4 but currently it cannot be unset, only changed to another value. In /etc/iproute2/rt_ifgroup each value may have a symbolic name. Netfilter part: xt_ifgroup module for both IPv4 and IPv6. Iptables usage: iptables -A INPUT -m ifgroup --in-ifgroup 4/0xf -j ACCEPT iptables -A FORWARD -m ifgroup --in-ifgroup 4 --out-ifgroup 5 -j ACCEPT ... in the FORWARD chain both input and output interface group value should be matched (with optional masks). The following patches are: kernel: core part kernel: netfilter module, ifgroup match iproute2: showing and set ifgroup value iptables: ifgroup match -- Laszlo Attila Toth - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
