On Mon, 2010-08-30 at 13:33 +0100, Jonathan Tripathy wrote: > But ah well. I'm sure netfilter will have ndptables some day. We're only > testing IPv6 at the minute anyway. Well, it will probably be an ip6tables module, since in IPv6 the link layer resolution protocol is actually built on top of IPv6 icmp, rather than being an independent layer 3 protocol as ARP is. > And we've got iptables which will > prevent any non-icmp traffic from working, as well as ebtables to > prevent MAC spoofing. Out of curiosity, what exactly are you trying to filter with your bridge? Is the bridge running on the VPS host, and each virtual machine has it's own virtual network interface? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
