I did log, with tcpdump though (ethertype file seems fine, shown below):

debian-firewall-0:/etc/Bastille# tcpdump -i br0
tcpdump: WARNING: br0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 96 bytes
01:21:53.041277 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:21:56.041145 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:21:59.041106 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:22:06.041040 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:22:09.040964 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:22:17.036982 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:22:28.036967 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request
01:22:37.060312 arp who-has 192.168.0.1 tell 192.168.0.21
01:22:37.060750 arp reply 192.168.0.1 is-at 00:06:25:f0:2e:fd (oui Unknown)
01:22:37.060898 IP 192.168.0.21 > 192.168.0.1: ICMP echo request, id 53019, seq
01:22:37.064312 IP 192.168.0.21 > IGMP.MCAST.NET: igmp v3 report, 1 group record
01:22:37.297162 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0 [3q] [5n][|domain]
01:22:37.340502 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 2/0/0 PTR[|dom
01:22:37.548553 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0 [3q] [5n][|domain]
01:22:37.800601 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0 [3q] [5n][|domain]
01:22:38.000694 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 5/0/0[|domain]
01:22:38.528443 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 5/0/0 PTR[|dom
01:22:39.188652 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 5/0/0[|domain]
01:22:40.716560 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 5/0/0 PTR[|dom
01:22:41.208356 IP 192.168.0.21 > IGMP.MCAST.NET: igmp v3 report, 1 group record
01:22:41.376602 IP 192.168.0.21.mdns > 224.0.0.251.mdns: 0*- [0q] 5/0/0[|domain]
01:22:45.629011 00:50:8b:11:82:f8 (oui Unknown) > Broadcast, ethertype Unknown (
        0x0000:  1000 ffff ff01 0000 0000 0000 0000 0000  ................
        0x0010:  0000                                     ..
01:22:45.629093 00:c0:4f:2d:5b:68 (oui Unknown) > Broadcast, ethertype Unknown (
        0x0000:  1000 ffff ff01 0000 0000 0000 0000 0000  ................
        0x0010:  0000 3535 3535 3535 3535 3535 3535 3535  ..55555555555555
        0x0020:  3535 3535 3535 3535 3535 3535 3535       55555555555555
01:22:47.094032 arp who-has 169.254.5.88 tell 0.0.0.0
01:22:48.528175 arp who-has 169.254.5.88 tell 0.0.0.0
01:22:49.048433 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request

#
# Ethernet frame types
#               This file describes some of the various Ethernet
#               protocol types that are used on Ethernet networks.
#
# This list could be found on:
#         http://www.iana.org/assignments/ethernet-numbers
#
# <name>    <hexnumber> <alias1>...<alias35> #Comment
#
IPv4        0800    ip ip4                   # Internet IP (IPv4)
X25         0805
ARP         0806    ether-arp                #
FR_ARP      0808                             # Frame Relay ARP        [RFC1701]
BPQ         08FF                             # G8BPQ AX.25 Ethernet Packet
DEC         6000                             # DEC Assigned proto
DNA_DL      6001                             # DEC DNA Dump/Load
DNA_RC      6002                             # DEC DNA Remote Console
DNA_RT      6003                             # DEC DNA Routing
LAT         6004                             # DEC LAT
DIAG        6005                             # DEC Diagnostics
CUST        6006                             # DEC Customer use
SCA         6007                             # DEC Systems Comms Arch
TEB         6558                             # Trans Ether Bridging   [RFC1701]
RAW_FR      6559                             # Raw Frame Relay        [RFC1701]
AARP        80F3                             # Appletalk AARP
ATALK       809B                             # Appletalk
802_1Q      8100    8021q 1q 802.1q dot1q    # 802.1Q Virtual LAN tagged frame
IPX         8137                             # Novell IPX
NetBEUI     8191                             # NetBEUI
IPv6        86DD    ip6                      # IP version 6
PPP         880B                             # PPP
ATMMPOA     884C                             # MultiProtocol over ATM
PPP_DISC    8863                             # PPPoE discovery messages
PPP_SES     8864                             # PPPoE session messages
ATMFATE     8884                             # Frame-based ATM Transport over Ethernet
LOOP        9000    loopback                 # loop proto

--- On Wed, 5/20/09, Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> wrote:

> From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
> Subject: Re: (DHCP) Ebtables ruleset isn't working, any ideas?
> To: "Miguel Ghobangieno" <mikeeusa@xxxxxxxxx>
> Cc: netfilter@xxxxxxxxxxxxxxx
> Date: Wednesday, May 20, 2009, 5:03 PM
> On Wed, 20 May 2009, Miguel Ghobangieno wrote:
>
> > Those are various rules I've tried. I've tried the hex, then when that
> > didn't work I tried the "ip and IPv4" stuff. None worked.
> >
> > Here is the test network currently:
> > laptop---(crossover cable)-->[eth1](BridgingFirewall[Br0])[eth0]---->[192.168.0.1](Linksys router)--->[Internet]
>
> OK. So the linksys box is the dhcp server.
>
> > But it's really strange and suspicious that names do not work,
> > something is really broken on your system. Have you got a correct
> > /etc/ethertypes file? Do you run the ebtables commands in chroot?
>
> Why don't you check that file?
>
> > Why don't you log the packets??
>
> Third time I write: why don't you log the packets?
>
> Best regards,
> Jozsef
> -
> E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx
> PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
> Address : KFKI Research Institute for Particle and Nuclear Physics
>           H-1525 Budapest 114, POB. 49, Hungary