Thats great Peter, I can now log this information to syslog. What I'd really like to be able to do is log these packets like you can using iptables with ulogd. I'd really like to be able to call a program like: ./found_mac_on_vlan mac vlan_id I guess this is the wrong place to ask this question, I'll head on over the the ebtables mailing lists now, once again, many thanks Peter, you've been a big help in this, I've learned a great deal. Piccalo --- Peter Stuge <stuge-vlan@xxxxxxx> wrote: > On Thu, Oct 14, 2004 at 03:09:37PM +0100, liam sharp > wrote: > > Hi Peter, > > > > Thanks very much for that information, setup 1b > has > > really helped me. I now have my network fully > > functional. I have one more question however ;-) > > I'm glad it worked out! :) > > > > How can I tell what Vlan a given MAC address is in > ? > > > > I have looked in the arp table, but this shows all > > MAC's connected to the trunk as coming from br0. > > > > Any guidance on this one would be much appreciated > ! > > Right. Think of this question another way: > > "On which member interface in the bridge is this MAC > address > reachable?" > > It's a bridging issue, nothing to do with VLANs. > > But depending on what you want to be able to do with > this information > I may have a simple answer for you anyway. :) > > You can use ebtables to make rules even inside a > bridge. These rules > can mark packets, and the mark can be read in > iptables. > > If you want userspace accounting or logging, I guess > ebtables rules > with a target of netlink or even syslog would be the > easiest > solution. > > > //Peter > _______________________________________________ > Vlan mailing list > Vlan@xxxxxxxxxxxx > http://www.lanforge.com/mailman/listinfo/vlan > ___________________________________________________________ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com