Menu
What's new
By:
Filters Better Search

How does Netfilter handle BROUTE chain Link Layer data in Network Layer?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

SDF07S

Occasional Visitor
There is a way to use Netfilter EBTables BROUTE chain to force Link Layer data to go directly to Network Layer for filtering, but Link Layer can filter frames that Network Layer cannot. If I use BROUTE for LLDP frames, then what does Network Layer do with such frames? IPTables only works with Layer 3 packets and ARP. What can it possibly do with LLDP frames or any other Layer 2 information it receives? Here's the diagram:
YkwUi.png
 
Recall that LLDP is typically over the LAN only, and not forwarded...

It's a security risk to do so otherwise.
 
You must log in or register to reply here.

Similar threads

drinkingbird
Tutorial Repeaters vs Bridges vs Routers
Replies
3
Views
1K
sfx2000
sfx2000
A
ASUS Dual WAN Failover, Then Failback, Leaves Secondary LAN in "Hot Standby"
Replies
4
Views
2K
Kingp1n
K
P
Tutorial Subnetting isolation without a VLAN switch
Replies
6
Views
1K
Justinh
J
HELLO_wORLD
One mirroring solution for IDS (my approach and solution)
Replies
5
Views
1K
HELLO_wORLD
HELLO_wORLD
R
Open firewall hole from iPhone to guest IOT
Replies
0
Views
1K
rdy2
R
Similar threads
Thread starter Title Forum Replies Date
ddaenen1 Does it make sense to change my modem? Routers 9
O Router that can handle 1000Mbit Full duplex WAN-LAN Routers 36

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 611 (members: 23, guests: 588)
Top