docs/ebtables-hacking/ebtables-hacking-HOWTO-1.html - external/ebtables - Gitiles

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <html>
 <head>
 <title>Ebtables Hacking HOWTO: Introduction</title>

 <link HREF="ebtables-hacking-HOWTO.html#toc1" REL=contents>
 </head>
 <body>
 <a HREF="ebtables-hacking-HOWTO-2.html">Next</a>
 Previous
 <a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a>
 <hr>
 <h2><a NAME="intro"></a> <a NAME="s1">1.</a> <a HREF="ebtables-hacking-HOWTO.html#toc1">Introduction</a></h2>

 <p>Hi guys (famous opening sentence).</p>

 <p>This document wants to tell the interested how to implement extensions
 on top of the ebtables architecture.</p>

 <p>For more understanding of netfilter and a broader look I recommend
 reading the HOWTO's on the netfilter homepage. The "netfilter hacking HOWTO"
 is certainly worth your time. Also very recommended is the
 "ebtables/iptables interaction on a Linux-based bridge" document (call name br_fw_ia) which
 you can find on the ebtables homepage.
 </p>
 <p>
 This document discusses ebtables version 2.0, later versions might have subtle changes.
 </p>

 <p>(C) 2002 Bart De Schuymer.  Licenced under the GNU GPL.</p>

 <h2><a NAME="ss1.1">1.1</a> <a HREF="ebtables-hacking-HOWTO.html#toc1.1">What is ebtables?</a>
 </h2>

 <p>Ebtables is a filter/nat facility for the Linux Ethernet bridge. Its
 implementation and usage is very similar to that of iptables. However,
 ebtables works mostly on the Link Layer, while iptables mostly works on the
 Network Layer.
 <h2><a NAME="ss1.2">1.2</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.2">Why do I need ebtables?</a>
 </h2>

 <p>
 Ebtables enables you to get a transparent bridging firewall, it also provides
 the functionality of a brouter and lets you make things like transparent proxys.
 What's cooler than playing around with a firewall? Playing around with a transparent
 firewall (stealth firewall), ofcourse! OK, a really cool stealth firewall would allow
 great stuff like IP NAT; that can be obtained with the bridge-nf stuff, which links
 iptables to the bridging world. For more information about bridge-nf, the br_fw_ia document
 is recommended.
 </p>
 <p>
 Concentrating on ebtables, it enables us, for example, to filter out ugly stuff
 like NetBEUI traffic coming from another side of the bridge into our sweet
 IP-only side. Basically, it gives us complete access to the Ethernet header of all frames
 the bridge can get its hands on, along with some elementary access to the protocols on top
 of Ethernet (like IP and ARP).
 </p>


 <h2><a NAME="ss1.3">1.3</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.3">Who are you?</a>
 </h2>

 <p>I'm just someone who was foolish enough to start reading Rusty's code and, consequently,
 got hooked on kernel hacking. So all blame Rusty!
 </p>
 <hr>
 <a HREF="ebtables-hacking-HOWTO-2.html">Next</a>
 Previous
 <a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a>
 </body>
 </html>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
	<html>
	<head>
	<title>Ebtables Hacking HOWTO: Introduction</title>

	<link HREF="ebtables-hacking-HOWTO.html#toc1" REL=contents>
	</head>
	<body>
	<a HREF="ebtables-hacking-HOWTO-2.html">Next</a>
	Previous
	<a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a>
	<hr>
	<h2><a NAME="intro"></a> <a NAME="s1">1.</a> <a HREF="ebtables-hacking-HOWTO.html#toc1">Introduction</a></h2>

	<p>Hi guys (famous opening sentence).</p>

	<p>This document wants to tell the interested how to implement extensions
	on top of the ebtables architecture.</p>

	<p>For more understanding of netfilter and a broader look I recommend
	reading the HOWTO's on the netfilter homepage. The "netfilter hacking HOWTO"
	is certainly worth your time. Also very recommended is the
	"ebtables/iptables interaction on a Linux-based bridge" document (call name br_fw_ia) which
	you can find on the ebtables homepage.
	</p>
	<p>
	This document discusses ebtables version 2.0, later versions might have subtle changes.
	</p>

	<p>(C) 2002 Bart De Schuymer. Licenced under the GNU GPL.</p>

	<h2><a NAME="ss1.1">1.1</a> <a HREF="ebtables-hacking-HOWTO.html#toc1.1">What is ebtables?</a>
	</h2>

	<p>Ebtables is a filter/nat facility for the Linux Ethernet bridge. Its
	implementation and usage is very similar to that of iptables. However,
	ebtables works mostly on the Link Layer, while iptables mostly works on the
	Network Layer.
	<h2><a NAME="ss1.2">1.2</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.2">Why do I need ebtables?</a>
	</h2>

	<p>
	Ebtables enables you to get a transparent bridging firewall, it also provides
	the functionality of a brouter and lets you make things like transparent proxys.
	What's cooler than playing around with a firewall? Playing around with a transparent
	firewall (stealth firewall), ofcourse! OK, a really cool stealth firewall would allow
	great stuff like IP NAT; that can be obtained with the bridge-nf stuff, which links
	iptables to the bridging world. For more information about bridge-nf, the br_fw_ia document
	is recommended.
	</p>
	<p>
	Concentrating on ebtables, it enables us, for example, to filter out ugly stuff
	like NetBEUI traffic coming from another side of the bridge into our sweet
	IP-only side. Basically, it gives us complete access to the Ethernet header of all frames
	the bridge can get its hands on, along with some elementary access to the protocols on top
	of Ethernet (like IP and ARP).
	</p>


	<h2><a NAME="ss1.3">1.3</a> <a HREF="netfilter-hacking-HOWTO.html#toc1.3">Who are you?</a>
	</h2>

	<p>I'm just someone who was foolish enough to start reading Rusty's code and, consequently,
	got hooked on kernel hacking. So all blame Rusty!
	</p>
	<hr>
	<a HREF="ebtables-hacking-HOWTO-2.html">Next</a>
	Previous
	<a HREF="ebtables-hacking-HOWTO.html#toc1">Contents</a>
	</body>
	</html>