The ebtables program is a filtering tool for a bridging firewall. The filtering is focussed on the Link Layer Ethernet frame fields. Apart from filtering, it also gives the ability to alter the Ethernet MAC addresses and implement a brouter.
This website is also a reference for the Linux bridge-nf code, which gives Linux the functionality of a bridging IP/IPv6/ARP firewall, by letting iptables/ip6tables/arptables ‘see’ the bridged IPv4/IPv6/ARP packets.
Both ebtables and bridge-nf are a part of the standard 2.6 kernel. A patch for the 2.4 stable kernel is maintained here, because enough people keep bugging me when Marcelo releases yet another 2.4 kernel.
I agree with raspi.
With ebtables we could give our users a transparent caching system that could give a better internet experience to users.
Distributed web caching using Zeroshell, configured as siblings, could increase web browsing performance. With web caching, bandwidth savings could reach 20%.
Also, the “caching box” cannot be seen by the client because it uses bridge mode.
Security and QoS could be implemented in bridge mode without adding higher latency from layer 3 applications.
Zeroshell can use iptables either for routed or bridged traffic. I do not understand why you want to use ebtables.
Transparent proxy already works in Zeroshell without using ebtables.
In any case the proxy of Zeroshell is not a web cache. It is instead able to scan web pages for viruses.
I am trying to block the ARP packets which are bleeding through my bridge. But I was not able to do it successfully by using iptables. Can anyone tell me how to do that? I would really appreciate the help.
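An added example, not part of the original thread: iptables matches only IPv4 packets, while ARP is a separate EtherType, so on a bridge it is matched at the link layer with ebtables. The port names `eth0` and `eth1` and the helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Port names (eth0, eth1) are constructed placeholders.
# ARP frames carry EtherType 0x0806 and never reach iptables rules,
# which only see IPv4; ebtables filters on the Ethernet frame fields.

# Print one ebtables rule that drops ARP frames forwarded by the bridge.
# $1 = ingress bridge port (may be empty), $2 = egress bridge port (may be empty)
arp_drop_rule() {
    rule="ebtables -A FORWARD -p ARP"
    if [ -n "$1" ]; then rule="$rule -i $1"; fi
    if [ -n "$2" ]; then rule="$rule -o $2"; fi
    printf '%s\n' "$rule -j DROP"
}

# Print the rules for both directions between two bridge ports.
arp_block_between() {
    arp_drop_rule "$1" "$2"
    arp_drop_rule "$2" "$1"
}

# Read rules on stdin; run them only when APPLY=1 (needs root),
# otherwise just show what would be run.
apply_rules() {
    while IFS= read -r rule; do
        if [ "${APPLY:-0}" = "1" ]; then
            $rule || return 1
        else
            printf 'would run: %s\n' "$rule"
        fi
    done
}

# Dry run for the constructed ports eth0 <-> eth1.
arp_block_between eth0 eth1 | apply_rules

# FORWARD only covers frames bridged between ports; ARP addressed to the
# bridge host itself traverses the INPUT chain instead.
# After applying, check the rule hit counters with: ebtables -L FORWARD --Lc
```

Dropping all ARP between two ports stops IPv4 hosts on either side from resolving each other, so scope the rule to the ports that should be isolated.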