I've got a PPPOE DSL line coming into my house, and I and my roommates
each terminate our own connection and get our own dynamic IP address.
With the recent bunch of viruses/worms, a couple of us were thinking
about setting up a box as a transparent firewalling bridge. The only
tricky bit is that we don't want to terminate the PPPOE connection at
that box, since that would then force us to do NAT/ipmasq.

Does anyone know of any way to filter the contents of a tunnelled packet
(PPPOE in particular) using standard tools like ebtables/iptables?

The other possibility I had considered was a netfilter module that tied
into the ebtables hooks and knew how to look inside the PPPOE packet,
but then I wouldn't get the userspace interface from ebtables/iptables.

Chris
--
Chris Friesen | MailStop: 043/33/F10
Nortel Networks | work: (613) 765-0557
3500 Carling Avenue | fax: (613) 765-2986
Nepean, ON K2H 8E9 Canada | email: [email protected]
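
What "looking inside the PPPOE packet" involves for a filtering bridge, as an added example (not code from this thread or from ebtables/netfilter): a C function that locates the inner IPv4 header of a PPPoE session frame as laid out in RFC 2516. It assumes untagged Ethernet, an uncompressed 2-byte PPP protocol field and IPv4 only; the function name, the struct and the sample frame are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define ETH_P_PPPOE_SESS 0x8864 /* EtherType: PPPoE session stage (RFC 2516) */
#define PPP_PROTO_IPV4   0x0021 /* PPP protocol number for IPv4 */
struct inner_ip { uint8_t proto; uint32_t saddr, daddr; uint16_t dport; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* Returns 0 and fills *out for PPPoE session data carrying IPv4, else -1. */
int pppoe_inner_ipv4(const uint8_t *f, size_t len, struct inner_ip *out)
{
    if (len < 22 || be16(f + 12) != ETH_P_PPPOE_SESS ||
        f[14] != 0x11 || f[15] != 0x00)     /* ver=1, type=1, code 0 = data */
        return -1;
    size_t plen = be16(f + 18);             /* PPP protocol field + payload */
    if (plen < 2 || plen > len - 20 || be16(f + 20) != PPP_PROTO_IPV4)
        return -1;
    const uint8_t *ip = f + 22;             /* inner IPv4 header */
    size_t iplen = plen - 2;
    if (iplen < 20 || (ip[0] >> 4) != 4)
        return -1;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > iplen)
        return -1;
    *out = (struct inner_ip){ .proto = ip[9], .saddr = be32(ip + 12),
                              .daddr = be32(ip + 16), .dport = 0 };
    if ((out->proto == 6 || out->proto == 17) &&  /* TCP/UDP, first fragment only */
        (be16(ip + 6) & 0x1fff) == 0 && iplen >= ihl + 4)
        out->dport = be16(ip + ihl + 2);
    return 0;
}

/* Constructed sample: TCP SYN 192.0.2.10:49152 -> 198.51.100.7:135 in PPPoE */
static const uint8_t sample_frame[] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x88,0x64,
    0x11,0x00,0x00,0x01,0x00,0x2a, 0x00,0x21,
    0x45,0,0,0x28,0,0,0x40,0,0x40,0x06,0,0, 0xc0,0,0x02,0x0a, 0xc6,0x33,0x64,0x07,
    0xc0,0,0x00,0x87, 0,0,0,0, 0,0,0,0, 0x50,0x02,0x20,0, 0,0,0,0,
};

int main(void)
{
    struct inner_ip ip;
    if (pppoe_inner_ipv4(sample_frame, sizeof sample_frame, &ip) == 0)
        printf("proto=%u dport=%u\n", (unsigned)ip.proto, (unsigned)ip.dport);
    return 0;
}
```
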
Hi Chris!

On Fri, Sep 12, 2003 at 10:32:04AM -0400, Chris Friesen wrote:
> I've got a PPPOE DSL line coming into my house, and I and my roommates
> each terminate our own connection and get our own dynamic IP address.

So how is this question related to either
1) network development ([email protected])
2) linux-kernel development ([email protected])

I would like to ask you this question at an appropriate mailing list
([email protected], or the lartc mailing list [since the
assumption that you would need to do NAT in case you terminate the two
dsl lines is invalid and can be solved using policy routing + connmark]).

--
- Harald Welte <[email protected]> http://www.gnumonks.org/
============================================================================
Programming is like sex: One mistake and you have to support it your lifetime

Harald Welte wrote:
> So how is this question related to either
> 1) network development ([email protected])
> 2) linux-kernel development ([email protected])
>
> I would like to ask you this question at an appropriate mailing list
> ([email protected], or the lartc mailing list

Sorry, my bad.

Thread continued on other list as suggested.

Chris