ebtables
ebtables: "The ebtables program is a filtering tool for a bridging firewall. The filtering is focussed on the Link Layer Ethernet frame fields. Apart from filtering, it also gives the ability to alter the Ethernet MAC addresses and implement a brouter.
This website is also a reference for the Linux bridge-nf code, which gives Linux the functionality of a bridging IP/IPv6/ARP firewall, by letting iptables/ip6tables/arptables 'see' the bridged IPv4/IPv6/ARP packets.
Both ebtables and bridge-nf are a part of the standard 2.6 kernel. A patch for the 2.4 stable kernel is maintained here, because enough people keep bugging me when Marcelo releases yet another 2.4 kernel."
- posted by Gp @ 7:03 AM