On 26/06/15 03:09, Jed Clear wrote: > I haven't explored iptables in bridge/layer 2 mode, but there is no > fundamental reason you can't packet sniff or firewall traffic in bridge mode. > The traffic has to pass through your kernel.
iptables can be a bit daunting to set up directly. I use shorewall to do so. I haven't used it but shorewall also has a layer 2 mode: http://shorewall.net/bridge-Shorewall-perl.html Shorewall is available in Debian as a package: apt-get install shorewall. _______________________________________________ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
