[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: filter on ethernet type?

On Mon, Jan 05, 2004 at 10:55:53AM -0700, Eichert, Diana wrote:
> I had thought about tagging at the bridge level with the 
> multicast ethernet address 01-80-C2-00-00-03.  Is it possible 
> to create a bridge group of 1 interface to filter locally? If 
> so I could tag at the L2 layer then let PF redirect the packet 
> to a local userland 802.1x authenticator, which could modify 
> PF rules once authentication is successful.
The most simple approach would be to make the userland process (running
on the same machine as pf) capture those ethernet frames using pcap/bpf
and modify the pf filter rules. I assume that's not possible for some
reason (the bridge tagging and redirection sounds more complicated in
comparison), could you explain?