On Wednesday 2008-04-09 17:04, Patrick McHardy wrote: >> >> - arpreply engine > > A pure bridge doesn't need ARP. I don't get your point, > but my suggestion might not make much sense, I haven't > really thought about this. Well maybe you don't want to use a bridge for simplicity but still do proxy arp for lots of addresses. >> - filtering on L2 >> >> there has been a L2-hooks back in the 2.4 days (at least the context >> looks like it), and given that the ebtables targets now use >> xtables, the l2hooks patch would actually be real easy. > > They were used for the kernel ct_sync implementation. Why > would you use them for briding, it has its own hooks? > If you wanted to filter out non-(arp,ipv4,ipv6) traffic, you have to set up a bridge and filter it there, as I see it. So L2 hooks would come in handy since you would not need to set up a bridge device anymore to do so. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
