> On 12 Mar 2015, at 11:24, Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx> wrote: > >> On 12 March 2015 at 01:11, Stuart Shelton <srcshelton@xxxxxxxxx> wrote: >> >> Right - I think I’ve fixed all of these… > > (Unrelated) > > Would give a try to nftables? It would be interesting for us to see > how could you emulate the ebtables among extension with native > nftables mechanisms. Good point - I want to be able to filter on both source and destination MAC addresses (for outbound and inbound traffic - and iptables can only handle source filtering), and using ebtables does require that I create single-interface bridges in order for it to take effect. nftables could be a much better solution, so long as its capabilities extend beyond what iptables offers. I'll look into it! Cheers, Stuart-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
