On Wed, Mar 29, 2006 at 01:16:30PM -0800, [EMAIL PROTECTED] wrote:
> >> With STP disabled it is still possible to use the same type of packet
> >> socket to receive EAPOL frames. However, the frames will now end up
> >> being received from the bridge interface (e.g., br0), not Ethernet
> >> (eth0)
On Fri, 2006-31-03 at 21:21 -0700, Stephen Hemminger wrote:
> jamal wrote:
>
[..]
> >I think thats a fine trade-off. The advantage of putting it in user
> >space is its a lot easier to add newer features. The current STP - by
> >virtue of being in the kernel - is missing a lot of newer development
jamal wrote:
On Wed, 2006-29-03 at 13:16 -0800, [EMAIL PROTECTED] wrote:
On Wed, 2006-29-03 at 11:14 -0800, Jouni Malinen wrote:
[..]
A digression: One of the problems of the bridge in my opinion is having
STP, a control protocol, inside the kernel. I do hope someone with time
will rip it o
On Wed, 2006-29-03 at 13:16 -0800, [EMAIL PROTECTED] wrote:
> > On Wed, 2006-29-03 at 11:14 -0800, Jouni Malinen wrote:
> > [..]
> >
> > A digression: One of the problems of the bridge in my opinion is having
> > STP, a control protocol, inside the kernel. I do hope someone with time
> > will rip i
The generic solution here is to use ebtables - the broute chain is there
to perform exactly this kind of filtering. Set a rule in the broute
chain to route these EAPOL frames, rather than bridging them. Then open
the packet socket on the original interface.
Simon
-Original Message-
From:
> On Wed, 2006-29-03 at 11:14 -0800, Jouni Malinen wrote:
> [..]
>
> A digression: One of the problems of the bridge in my opinion is having
> STP, a control protocol, inside the kernel. I do hope someone with time
> will rip it out of the kernel some day.
I looked into it, but the size of STP is
On Wed, 2006-29-03 at 11:14 -0800, Jouni Malinen wrote:
[..]
A digression: One of the problems of the bridge in my opinion is having
STP, a control protocol, inside the kernel. I do hope someone with time
will rip it out of the kernel some day.
> With STP disabled it is still possible to use the
