YC Wang wrote: > Hello,everyone, > > I have a question: > Is it possible to filter packets _flowing through_ the bridge, > whether by using ipfilters or by some other means, in the current > bridge implementation? And if not, is this under development or is > there such plans in the near future?
Not currently possible, but highly desired as a feature. The limiting factor right now is the way in which IP Filter hooks into the stack: it's connected inside of IP itself, which means that it generally doesn't see packets that bridging has forwarded. There is (or was?) a project called "L2 Filtering" that would be able to provide the right hooks to allow the IP Filter code to be applied to bridged packets. I don't know the state of that project, though, because it's been quite some time since I last looked into it. -- James Carlson 42.703N 71.076W <[email protected]> _______________________________________________ rbridges-dev mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/rbridges-dev
