Layer 2 filtering project can anyone help?

Is there anyone who knows how to implement this project, what r the
necessary thing to be considered for this.....

The idea of this project is to implement a filter at layer 2
(Ethernet). The user will be given a command line utility and he can
add and remove rules into this filter. Depending on the rule decision
needs to be made on the current Ethernet frame. Following is the
specification:

1. The L2F gets started when the Linux Kernel boots up.
2. The user is given a command line utility with the following
syntax:
1. <utility_name> -add -s <source_mac_addr> -d
<destination_mac_addr> -a <action allow/deny>
3. Once the user enters adds the rule the L2f will add a node to its
internal linked list. The L2F need to capture the Ethernet frame and
extract source and destination mac addresses. If it matches any of the
existing rules it should perform that action. The linked list should
take care of all error conditions.

(E-Mail Removed) wrote:
> Is there anyone who knows how to implement this project, what r the
> necessary thing to be considered for this.....
>
> The idea of this project is to implement a filter at layer 2
> (Ethernet). The user will be given a command line utility and he can
> add and remove rules into this filter. Depending on the rule decision
> needs to be made on the current Ethernet frame. Following is the
> specification:
>
> 1. The L2F gets started when the Linux Kernel boots up.
> 2. The user is given a command line utility with the following
> syntax:
> 1. <utility_name> -add -s <source_mac_addr> -d
> <destination_mac_addr> -a <action allow/deny>
> 3. Once the user enters adds the rule the L2f will add a node to its
> internal linked list. The L2F need to capture the Ethernet frame and
> extract source and destination mac addresses. If it matches any of the
> existing rules it should perform that action. The linked list should
> take care of all error conditions.
>

Before continuing, please have a look at ebtables
<http://ebtables.sourceforge.net/>, and check if
it fits your purpose.

--

Tauno Voipio
tauno voipio (at) iki fi

On 16 Sep 2006, in the Usenet newsgroup comp.os.linux.networking, in article
<(E-Mail Removed). com>, (E-Mail Removed)
wrote:

>Is there anyone who knows how to implement this project, what r the
>necessary thing to be considered for this.....

Don't you like the answers that you received when you posted this
same set of questions to comp.protocols.tcp-ip (twice) and to
comp.security.firewalls on Friday, or do you expect mail responses or
haven't figured out how to find the responses at google?

Short answer: Why are you trying to re-invent the wheel?

Old guy