Layer-2 filtering in NPF

To: tech-net%netbsd.org@localhost
Subject: Layer-2 filtering in NPF
From: Emmanuel Nyarko <emmankoko519%gmail.com@localhost>
Date: Wed, 2 Jul 2025 14:12:35 +0000

Hi tech-net,

Layer 2 filtering in NPF has been merged. man updated.

Follows a simple 

group name direction interface layer-2 {
	pass_or_block ether direction interface from src_MAC to dst_MAC type Ex(4 hex for ether_type) 
}

groups without layer-2 labels have the layer 3 bit set in the attribues automatically (so it doesn’t break existing configurations)
so no need to set layer-3 label. layer 2 default group isn’t mandatory until you include a layer 2 group. so your existing configs are safe.

reviewing policy based routing(force a packet to a particular interface) next.

anyone in desperate need of any feature, let me know. i can do my best to finish it quickly. 


Emmanuel

Follow-Ups:
- Re: Layer-2 filtering in NPF
  - From: Markus Kilbinger
- Re: Layer-2 filtering in NPF
  - From: Manuel Bouyer

Prev by Date: Re: ISC's EoL dhcp suite, including dhcpd
Next by Date: Re: Layer-2 filtering in NPF
Previous by Thread: IP_HDRINCL byte ordering
Next by Thread: Re: Layer-2 filtering in NPF
Indexes:

Home | Main Index | Thread Index | Old Index