Home Explore Help
Register Sign In
FreifunkHochstift
/
gluon
6
0
Fork 0
Files Issues 0 Pull Requests 0
Tree: 224321c230
Branches Tags
gluon
/
docs
/
package
/
gluon-ebtables-source-filter.rst

gluon-ebtables-source-filter.rst 890 B
History Raw

123456789101112131415161718192021222324252627282930 
  1. gluon-ebtables-source-filter
    2. 

  2. ============================
    3. 

  3. 

  4. The *gluon-ebtables-source-filter* package adds an additional layer-2 filter
    5. 

  5. ruleset to prevent unreasonable traffic entering the network via the nodes.
    6. 

  6. Unreasonable means traffic entering the mesh via a node which source IP does
    7. 

  7. not belong to the configured IP space.
    8. 

  8. 

  9. One may first check if there is a certain proportion of unreasonable traffic,
    10. 

  10. before adding this package to the firmware image. Additional one should not
    11. 

  11. use this package if some kind of gateway or upstream network is provided by
    12. 

  12. a device connected to the client port.
    13. 

  13. 

  14. site.conf
    15. 

  15. ---------
    16. 

  16. 

  17. prefix4 : optional
    18. 

  18.     - IPv4 subnet
    19. 

  19. 

  20. prefix6 :
    21. 

  21.     - IPv6 subnet
    22. 

  22. 

  23. extra_prefixes6 : optional
    24. 

  24.     - list of additional IPv6 subnets
    25. 

  25. 

  26. Example::
    27. 

  27. 

  28.   prefix4 = '198.51.100.0/21',
    29. 

  29.   prefix6 = '2001:db8:8::/64',
    30. 

  30.   extra_prefixes6 = { '2001:db8:9::/64', '2001:db8:100::/60' },
    31.