On Tue, Jan 29, 2013 at 9:45 AM, James <wirel...@tampabay.rr.com> wrote: > Hello, > > From here: http://ebtables.sourceforge.net/ > > > We read: > The ebtables tool can be combined with the other Linux filtering tools > (iptables, ip6tables and arptables) to make a bridging firewall that is also > capable of filtering these higher network layers. This is enabled through the > bridge-netfilter architecture which is a part of the standard Linux kernel. > > > Can someone explain to me when/how you would use ebtables > for enhanced security, or forward me to a good written > presentation on when, why or how to deploy ebtables? > Maybe a package already blends these components together? > I recently saw ebtables pop up in a commercial product > ( sniffed terminal boot session) offered by Seimens...... > > > Of keen interest is documentation/experiences on the > Gentoo platform when using ebtables. Googling has provided little. > > > curiously, > James > >
iptables and ip6tables operate at the data layer, layer 3. ebtables operates at the link layer, layer 2. This is really the best explanation I can offer, as I haven't used ebtables myself: http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg -- :wq
