RE: build tagging bridge based on SRC/DST Mac

Hi Immo,

In my experience, when it comes to switching, you might be better off using Open vSwitch. You can then configure very specific rules for traffic filtering and switching, based on incoming port, traffic type, etc. Give it a try!

Best,
Jesus

-----Original Message-----
From: netfilter-owner@xxxxxxxxxxxxxxx [mailto:netfilter-owner@xxxxxxxxxxxxxxx] On Behalf Of IMMO WETZEL
Sent: 05 March 2018 19:16
To: netfilter@xxxxxxxxxxxxxxx
Subject: RE: build tagging bridge based on SRC/DST Mac

Hi,

Something like that:

+-------------------+
|                   |
|  Host A Mac A     ++      +-------------+          +--------------------+
|                   +-----> |p1           |          |     Linux Box      |                Traffic from or to Host A
+-------------------+       |   stupid    |  Vlan 4  |                    +--eth1.131.4--+
                            |   Switch  p3+----------+eth0                |
+-------------------+       |             |          |                    +--eth1.132.4--+
|                   +-----> |p2           |          |                    |                Traffic from or to Host B
|  Host B Mac B     ++      +-------------+          +--------------------+
|                   |
+-------------------+

I can set up a bridge on the Linux box with all three interfaces, and I could add ebtables rules to prevent traffic from Mac B from going into eth1.131.4. But which rule should I install that prevents traffic from eth1.131.4 from going to eth1.132.4? Because I only know the source IF...

Immo


This message has been classified Public by IMMO WETZEL on Monday, 5 March 2018 at 18:14:53.

-----Original Message-----
From: IMMO WETZEL
Sent: Monday, March 05, 2018 5:26 PM
To: 'netfilter@xxxxxxxxxxxxxxx'
Subject: build tagging bridge based on SRC/DST Mac

Hi folks,

I get traffic from a number of hosts on IF a and have to deliver frames to them; all of them are in the same VLAN 4. I cannot change this.

Host A With Mac A
Host B With Mac B
Host C With Mac C

I would like to send all frames from SRC A to VLAN 104.
I would like to send all frames from SRC B to VLAN 204.
I would like to send all frames from SRC C to VLAN 304.

And vice versa.

Is that theoretically possible with ebtables?

Is there something critical in case of broadcasts? Especially in case of ARP, DHCP or PPPoE?

With kind regards

Immo Wetzel


This message has been classified Public by IMMO WETZEL on Monday, 5 March 2018 at 17:24:18.

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at  http://vger.kernel.org/majordomo-info.html
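
Added example, not part of the original thread: a sketch of the per-host isolation asked about above, relying on the fact that the ebtables FORWARD chain can match both the input (`-i`) and output (`-o`) bridge port. It assumes a bridge whose ports are eth0, eth1.131.4 and eth1.132.4 as in the diagram; the MAC addresses are constructed placeholders, and the script only prints the rules instead of applying them.

```shell
#!/bin/sh
# Added example: generate ebtables FORWARD rules for a MAC-to-port mapping.
# Assumptions: UPLINK is the bridge port facing the unmanaged switch, and
# each "MAC=port" pair names one host and its dedicated VLAN interface.

UPLINK="eth0"

# emit_rules "MAC=port" ["MAC=port" ...]
# Prints one rule per line; nothing is installed.
emit_rules() {
    for pair in "$@"; do
        mac=${pair%%=*}
        port=${pair#*=}

        # Frames arriving from the switch may leave through this host's
        # port only if this host sent them. This also stops broadcasts
        # from the other hosts being flooded into this port.
        echo "ebtables -A FORWARD -i $UPLINK -o $port -s ! $mac -j DROP"

        # Frames arriving on this host's port must never be bridged to
        # another host's port. In FORWARD the egress port is known, so
        # the rule does not need any MAC address.
        for other in "$@"; do
            oport=${other#*=}
            [ "$oport" = "$port" ] && continue
            echo "ebtables -A FORWARD -i $port -o $oport -j DROP"
        done
    done
}

# Constructed sample mapping for Host A and Host B from the diagram.
emit_rules "02:00:00:00:00:0a=eth1.131.4" "02:00:00:00:00:0b=eth1.132.4"
```

Broadcast frames that enter on one of the VLAN ports and leave through eth0 still reach every host behind the unmanaged switch, because the switch floods them; the rules above only control what the Linux bridge itself forwards.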