Overview

Fast Path Filtering Ethernet Bridge provides bridge (layer 2) filtering in the fast path.

Rules defined via the Linux tool ebtables are automatically applied in the fast path.

See also

For more information, see the ebtables manual pages.

Features

  • filter and broute tables
  • BROUTING, INPUT, FORWARD and OUTPUT hooks
  • User-defined chains
  • Standard targets: ACCEPT, DROP, CONTINUE, RETURN
  • Matches (with or without ‘!’ flag):
    • Input/output (logical or not) interface
    • MAC source/destination
    • IP(v4/v6) source/destination address
    • IP(v4/v6) source/destination port
    • IPv4 type of service and protocol
    • IPv6 traffic class and protocol

Dependencies

Linux

  • Kernel compiled with Netfilter and ebtables support