| To: | netdev@xxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx |
|---|---|
| Subject: | firewalling PPPOE stream without terminating it |
| From: | Chris Friesen <cfriesen@xxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 12 Sep 2003 10:32:04 -0400 |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.8) Gecko/20020204 |

I've got a PPPOE DSL line coming into my house, and I and my roommates each terminate our own connection and get our own dynamic IP address.

With the recent bunch of viruses/worms, a couple of us were thinking about setting up a box as a transparent firewalling bridge. The only tricky bit is that we don't want to terminate the PPPOE connection at that box, since that would then force us to do NAT/ipmasq.

Does anyone know of any way to filter the contents of a tunnelled packet (PPPOE in particular) using standard tools like ebtables/iptables?

The other possibility I had considered was a netfilter module that tied into the ebtables hooks and knew how to look inside the PPPOE packet, but then I wouldn't get the userspace interface from ebtables/iptables.

Chris

--
Chris Friesen | MailStop: 043/33/F10
Nortel Networks | work: (613) 765-0557
3500 Carling Avenue | fax: (613) 765-2986
Nepean, ON K2H 8E9 Canada | email: cfriesen@xxxxxxxxxxxxxxxxxx
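
The "look inside the PPPOE packet" step asked about above, as an added example that is not part of the original post and is not kernel or ebtables code: a userspace C routine that locates the inner IPv4 header in a bridged PPPoE session frame and extracts the fields a filter rule would match on. The names `pppoe_inner_ipv4`, `inner_flow` and `sample_frame` are hypothetical, and the code assumes no VLAN tag and an uncompressed two-byte PPP protocol field.

```c
#include <stddef.h>
#include <stdint.h>

#define ETH_P_PPP_SES  0x8864   /* PPPoE session stage; 0x8863 is discovery */
#define PPP_IPV4       0x0021   /* PPP protocol number for IPv4 */
struct inner_flow {             /* hypothetical result type */
    uint8_t  ip_proto;          /* 6 = TCP, 17 = UDP */
    uint16_t sport, dport;      /* 0 unless TCP/UDP and first fragment */
};
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

/* Returns 0 and fills *out for a PPPoE session frame carrying IPv4;
 * -1 for discovery, LCP, IPv6, truncated or malformed frames. */
int pppoe_inner_ipv4(const uint8_t *f, size_t len, struct inner_flow *out)
{
    if (len < 14 + 6 + 2 || rd16(f + 12) != ETH_P_PPP_SES)
        return -1;
    const uint8_t *poe = f + 14;              /* skip Ethernet header */
    if (poe[0] != 0x11 || poe[1] != 0x00)     /* ver 1, type 1, code 0 = data */
        return -1;
    size_t plen = rd16(poe + 4);              /* PPP protocol field + payload */
    if (plen < 2 || plen > len - 20 || rd16(poe + 6) != PPP_IPV4)
        return -1;                            /* frame may be longer: padding */
    const uint8_t *ip = poe + 8;
    size_t iplen = plen - 2;
    if (iplen < 20 || (ip[0] >> 4) != 4)
        return -1;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > iplen)
        return -1;
    out->ip_proto = ip[9];
    out->sport = out->dport = 0;
    /* Ports exist only in the first fragment (fragment offset 0). */
    if ((rd16(ip + 6) & 0x1fff) == 0 && (ip[9] == 6 || ip[9] == 17) &&
        iplen >= ihl + 4) {
        out->sport = rd16(ip + ihl);
        out->dport = rd16(ip + ihl + 2);
    }
    return 0;
}

/* Constructed sample: PPPoE session 1, TCP 192.0.2.1:49152 -> 198.51.100.2:135 */
const uint8_t sample_frame[46] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x88,0x64,
    0x11,0x00,0x00,0x01,0x00,0x1a, 0x00,0x21,
    0x45,0x00,0x00,0x18,0x00,0x00,0x40,0x00,0x40,0x06,0x00,0x00,
    0xc0,0x00,0x02,0x01, 0xc6,0x33,0x64,0x02, 0xc0,0x00,0x00,0x87,
};
```

A bridge that cannot parse a frame this way has to choose between passing or dropping it; LCP, IPCP and discovery frames must be passed for the sessions to come up at all.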