diff options
author | Bart De Schuymer <bdschuym@pandora.be> | 2002-09-06 19:10:33 +0000 |
---|---|---|
committer | Bart De Schuymer <bdschuym@pandora.be> | 2002-09-06 19:10:33 +0000 |
commit | 68bdce38b3794bd91b89c7e2e3cb0c0dfa0163bf (patch) | |
tree | 9f2b1e7a32aec65eafea28e2dcd0bc555fc4bc92 /docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html | |
parent | 89cc15e186d810ee281466bac734edaf6d60b28b (diff) |
*** empty log message ***
Diffstat (limited to 'docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html')
-rw-r--r-- | docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html b/docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html new file mode 100644 index 0000000..b4cf2d1 --- /dev/null +++ b/docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html @@ -0,0 +1,72 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<html> +<head> +<title>Ebtables Hacking HOWTO: Introduction</title> + +<link HREF="ebtables-hacking-HOWTO.html#toc1" REL=contents> +</head> +<body> +<a HREF="ebtables-hacking-HOWTO-2.html">Next</a> +Previous +<a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a> +<hr> +<h2><a NAME="intro"></a> <a NAME="s1">1.</a> <a HREF="ebtables-hacking-HOWTO.html#toc1">Introduction</a></h2> + +<p>Hi guys (famous opening sentence).</p> + +<p>This document wants to tell the interested how to implement extensions +on top of the ebtables architecture.</p> + +<p>For more understanding of netfilter and a broader look I recommend +reading the HOWTO's on the netfilter homepage. The "netfilter hacking HOWTO" +is certainly worth your time. Also very recommended is the +"ebtables/iptables interaction on a Linux-based bridge" document (call name br_fw_ia) which +you can find on the ebtables homepage. +</p> +<p> +This document discusses ebtables version 2.0, later versions might have subtle changes. +</p> + +<p>(C) 2002 Bart De Schuymer. Licenced under the GNU GPL.</p> + +<h2><a NAME="ss1.1">1.1</a> <a HREF="ebtables-hacking-HOWTO.html#toc1.1">What is ebtables?</a> +</h2> + +<p>Ebtables is a filter/nat facility for the Linux Ethernet bridge. Its +implementation and usage is very similar to that of iptables. However, +ebtables works mostly on the Link Layer, while iptables mostly works on the +Network Layer. +<h2><a NAME="ss1.2">1.2</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.2">Why do I need ebtables?</a> +</h2> + +<p> +Ebtables enables you to get a transparent bridging firewall, it also provides +the functionality of a brouter and lets you make things like transparent proxys. +What's cooler than playing around with a firewall? Playing around with a transparent +firewall (stealth firewall), ofcourse! OK, a really cool stealth firewall would allow +great stuff like IP NAT; that can be obtained with the bridge-nf stuff, which links +iptables to the bridging world. For more information about bridge-nf, the br_fw_ia document +is recommended. +</p> +<p> +Concentrating on ebtables, it enables us, for example, to filter out ugly stuff +like NetBEUI traffic coming from another side of the bridge into our sweet +IP-only side. Basically, it gives us complete access to the Ethernet header of all frames +the bridge can get its hands on, along with some elementary access to the protocols on top +of Ethernet (like IP and ARP). +</p> + + +<h2><a NAME="ss1.3">1.3</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.3">Who are you?</a> +</h2> + +<p>I'm just someone who was foolish enough to start reading Rusty's code and, consequently, +got hooked on kernel hacking. So all blame Rusty! +</p> +<hr> +<a HREF="ebtables-hacking-HOWTO-2.html">Next</a> +Previous +<a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a> +</body> +</html> + |