[LARTC] block ethernet IPv4 traffic

Anton Glinkov lartc@ssi.bg
Mon, 19 Jul 2004 15:18:14 +0300 (EEST)


On Mon, July 19, 2004 15:04, Ed Wildgoose said:
>
>>I want to block the IP traffic between any 2 hosts on a switched ethernet
>>LAN. Will setting all the possible IP addresses on a linux machine in the
>>LAN do the trick or there is another easier solution?
>>
>>
>
> You need to arrange to have the linux machine running as that switch,
> which is unlikely to be practical.
>
> See if your switch has such options (if it's a high end device).
> Otherwise your best option is to segregate the two LANs and then route
> or bridge between them; the linux box will do filtering in the middle.
>
> You haven't said what you are trying to achieve, so it's hard to offer
> better suggestions.
>
The bridge thing is not possible.. the network is too big.. 300 machines..
with over 30 switches (only one of them is manageable) :(
Basically I want to deny ethertype 0800 (IPv4) packets for that LAN.
The only solution I thought of was to have a linux machine in this LAN
that has all the possible IP addresses set on its interface.

-- 
Anton Glinkov
network administrator