What can ebtables do?

  • Ethernet protocol filtering.
  • MAC address filtering.
  • Simple IP header filtering.
  • ARP header filtering.
  • 802.1Q VLAN filtering.
  • In/Out interface filtering (logical and physical device).
  • MAC address nat.
  • Logging.
  • Frame counters.
  • Ability to add, delete and insert rules; flush chains; zero counters.
  • Brouter facility.
  • Ability to atomically load a complete table, containing the rules you made, into the kernel. See the man page and the examples section.
  • Support for user defined chains.
  • Support for marking frames and matching marked frames.