SEO

#1 (**permalink**) 02-18-2008, 06:27 AM

Is there anyone who knows how to implement this project, what r the
necessary thing to be considered for this.....

The idea of this project is to implement a filter at layer 2
(Ethernet). The user will be given a command line utility and he can
add and remove rules into this filter. Depending on the rule decision
needs to be made on the current Ethernet frame. Following is the
specification:

1. The L2F gets started when the Linux Kernel boots up.
2. The user is given a command line utility with the following
syntax:
1. <utility_name> -add -s <source_mac_addr> -d
<destination_mac_addr> -a <action allow/deny>
3. Once the user enters adds the rule the L2f will add a node to its
internal linked list. The L2F need to capture the Ethernet frame and
extract source and destination mac addresses. If it matches any of the
existing rules it should perform that action. The linked list should
take care of all error conditions.

#2 (**permalink**) 02-18-2008, 06:27 AM

I didn't really get what you meant but I'm guessing a bit

You want an ethernet interface where you can add/remove/edit
firewall(?) rules that filter traffic through your server(?). I dunno,
but I think it could work like a cisco switch in some way. There you
can telnet in and/or use the ethernet to com port interface and access
the administration interface. If you are using linux ipchains can do
alot and iptables is pretty sophisticated as well. With some scripting
you should be able to pull it off. (assuming I understood the question
at all) Hope it goes well

abhils44@gmail.com skrev:

> Is there anyone who knows how to implement this project, what r the
> necessary thing to be considered for this.....
>
> The idea of this project is to implement a filter at layer 2
> (Ethernet). The user will be given a command line utility and he can
> add and remove rules into this filter. Depending on the rule decision
> needs to be made on the current Ethernet frame. Following is the
> specification:
>
> 1. The L2F gets started when the Linux Kernel boots up.
> 2. The user is given a command line utility with the following
> syntax:
> 1. <utility_name> -add -s <source_mac_addr> -d
> <destination_mac_addr> -a <action allow/deny>
> 3. Once the user enters adds the rule the L2f will add a node to its
> internal linked list. The L2F need to capture the Ethernet frame and
> extract source and destination mac addresses. If it matches any of the
> existing rules it should perform that action. The linked list should
> take care of all error conditions.

#3 (**permalink**) 02-18-2008, 06:27 AM

I didn't really get what you meant but I'm guessing a bit

You want an ethernet interface where you can add/remove/edit
firewall(?) rules that filter traffic through your server(?). I dunno,
but I think it could work like a cisco switch in some way. There you
can telnet in and/or use the ethernet to com port interface and access
the administration interface. If you are using linux ipchains can do
alot and iptables is pretty sophisticated as well. With some scripting
and editing of the bootup scripts you should be able to pull it off.
(assuming I understood the question at all) Hope it goes well

abhils44@gmail.com skrev:

> Is there anyone who knows how to implement this project, what r the
> necessary thing to be considered for this.....
>
> The idea of this project is to implement a filter at layer 2
> (Ethernet). The user will be given a command line utility and he can
> add and remove rules into this filter. Depending on the rule decision
> needs to be made on the current Ethernet frame. Following is the
> specification:
>
> 1. The L2F gets started when the Linux Kernel boots up.
> 2. The user is given a command line utility with the following
> syntax:
> 1. <utility_name> -add -s <source_mac_addr> -d
> <destination_mac_addr> -a <action allow/deny>
> 3. Once the user enters adds the rule the L2f will add a node to its
> internal linked list. The L2F need to capture the Ethernet frame and
> extract source and destination mac addresses. If it matches any of the
> existing rules it should perform that action. The linked list should
> take care of all error conditions.

#4 (**permalink**) 02-18-2008, 06:27 AM

I didn't really get what you meant but I'm guessing a bit

You want an ethernet interface where you can add/remove/edit
firewall(?) rules that filter traffic through your server(?). I dunno,
but I think it could work like a cisco switch in some way. There you
can telnet in and/or use the ethernet to com port interface and access
the administration interface. If you are using linux ipchains can do
alot and iptables is pretty sophisticated as well. With some scripting
and editing of the bootup scripts you should be able to pull it off.
(assuming I understood the question at all) Hope it goes well

abhils44@gmail.com skrev:

> Is there anyone who knows how to implement this project, what r the
> necessary thing to be considered for this.....
>
> The idea of this project is to implement a filter at layer 2
> (Ethernet). The user will be given a command line utility and he can
> add and remove rules into this filter. Depending on the rule decision
> needs to be made on the current Ethernet frame. Following is the
> specification:
>
> 1. The L2F gets started when the Linux Kernel boots up.
> 2. The user is given a command line utility with the following
> syntax:
> 1. <utility_name> -add -s <source_mac_addr> -d
> <destination_mac_addr> -a <action allow/deny>
> 3. Once the user enters adds the rule the L2f will add a node to its
> internal linked list. The L2F need to capture the Ethernet frame and
> extract source and destination mac addresses. If it matches any of the
> existing rules it should perform that action. The linked list should
> take care of all error conditions.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

SEO

Layer 2 filtering project can anyone help?