Skip to main content
Server Fault

Questions tagged [ebtables]

Ask Question

The tag has no summary.

16 questions
Newest Active Bountied Unanswered
1 vote
0 answers
108 views

Blocking all trafic except legitimate router

In the business centre where I work, all clients are on the same network. The Internet <--> building router <--> building network (including rogue DHCP, etc) <--> my router's WAN ...
Andy Preston's user avatar
Andy Preston
  • 111
0 votes
0 answers
408 views

ebtables not working in docker

Hi I am trying to run ebtables within docker however none of the ebtables rules are being hit. For example - pay attention that counters are not increased though ARP is sent and succeeds [root@...
Boris's user avatar
Boris
  • 195
1 vote
1 answer
2k views

Forwarding ethernet frames to tap interface using ebtables / ebtables missing broute table

I spend much time today figuring out how to do this, but I could not find a solution. In my mind it should be possible. I'm trying to setup the following setup: setup overview Reading the tap1 ...
user avatar
user764570
0 votes
1 answer
187 views

Linux bridge leaking traffic of shutdown vms

I've a linux bridge (br0) setup with netplan as the following: version: 2 renderer: networkd ethernets: eno1: dhcp4: no dhcp6: no bridges: probr: interfaces: -...
Andrew's user avatar
Andrew
  • 21
0 votes
0 answers
456 views

Transform Broadcast packet in Unicast packet with iptables and ebtables

I've been struggling with this problem for months, and my limited networking knowledge doesn't allow me to progress further, so here I am asking for an advice. I have an OpenWRT Router with two ...
Claudio Mezzasalma's user avatar
Claudio Mezzasalma
  • 111
1 vote
1 answer
4k views

STP Packet Filtering

I have a KVM host with guests joined to a virtual bridge for networking. Netdata on guests of this system drew my attention to packets being dropped at the network interface level (the metric reported ...
user avatar
user233054
1 vote
0 answers
571 views

Ebtables rule limit

Does anyone have any idea about ebtables rule count limitations? It starts giving this error around 26000 rules for filter table : [root@localhost 09]# ebtables -A testchain1 -p IPv4 --ip-src 'ipv4.x....
Jevin Gala's user avatar
Jevin Gala
  • 69
1 vote
0 answers
261 views

Transparent Proxy with DHCP passthru?

I'm trying to replicate on a small Linux-based router a behavior I've seen elsewhere, such as in cable modems: I need to get a single DHCP address from the WAN side, offer/pass that same address to ...
sburlappp's user avatar
sburlappp
  • 11
0 votes
1 answer
2k views

Bridge filtering for man-in-the-middle network node

I am inserting my network node between 2 legacy devices that exchange tcp and udp messages using dedicated ports, in both directions. My new node needs to push some tcp/udp messages through ...
markm's user avatar
markm
  • 1
0 votes
1 answer
1k views

IP Packets stuck in routing decision

First of all, here is what my infra looks like and how it works : Controller1/2 and Compute1/2 both runs VM and are linked to each other via a VPN. On each server, the br-ext interface is plugged with ...
mitsugoya's user avatar
mitsugoya
  • 54
0 votes
1 answer
1k views

logging packets on a linux bridge

I'm trying to log packets using a bridge created on an espressobin v5 SOC. I've set it up using the archlinux arm package. This board is built out of the box to provide inherent switching and routing ...
j_unknown's user avatar
j_unknown
  • 3
0 votes
1 answer
1k views

Why does ebtables-restore fail when loading output from ebtables-save?

See: %sudo ebtables-save # Generated by ebtables-save v1.0 on Fri Mar 8 01:06:56 UTC 2019 *broute :BROUTING ACCEPT *nat :PREROUTING ACCEPT :OUTPUT ACCEPT :POSTROUTING ACCEPT *filter :INPUT ACCEPT :...
Gabe's user avatar
Gabe
  • 31
0 votes
1 answer
432 views

Block port 25 for a Kvm VM on server

I need to know how to block port 25 for a VM on a KVM server using ebtables or firewalld service . VM has interface name viifv3035 on the server and brctl shows this: # brctl show bridge name ...
Jevin Gala's user avatar
Jevin Gala
  • 69
3 votes
1 answer
2k views

Transparent LAN service on Linux

I need to implement a VLAN based transparent LAN service on Linux. Meaning I need to take configured VLAN and forward it directly to the specified port (all broadcast/multicast and unicast packets). ...
Ilya 's user avatar
Ilya
  • 177
1 vote
1 answer
1k views

How can it preserve source mac address unchanged after layer-3 filtering through a Linux bridge (which using bridge-utils and ebtables)

Background: I have a Linux bridge (Ubuntu 15.10, 64bit, name Bridge B) with two physical interfaces, eth0 and eth1, and the bridge interface’s name is br0. Send A (Win 10) connects to eth0, and ...
Dynamic's user avatar
Dynamic
  • 11
1 vote
1 answer
2k views

Block linux bridge traffic (only one way) using iptables or ebtables

I am using openwrt router. It has a bridge br-lan and wlan0, wlan1 are connected to this bridge. eth0 acts as the WAN interface. When a packet comes from wlan0 or wlan1 it goes from the bridge, gets ...
The Prenx's user avatar
The Prenx
  • 111