Thanks Tom,
Good to know whats possible and what is not.
Maybe i will look into removing the bridge and setting up a static route
between the wifi port and wired internal port - would this allow me to
accomplish what I need to do?
There is no necessity for the wireless clients and LAN clients to have the
same subnet as long as they can communicate with each other - sorry, gone a
bit off topic here.
Regards,
Darragh
On Wed, Oct 10, 2012 at 9:59 PM, Tom Eastep <[email protected]> wrote:
> On 10/10/2012 01:03 PM, Darragh O'Brien wrote:
> > Hi Tom.
> > It is originating (via VLC/VLM) from this same machine as Shorewall, the
> > Dreamplug.
> > The multicast traffic should be (and is currently) available to other
> > wired clients on the LAN - there is no multicast aware switch or
> > anything like that. This is a portable demo environment.
> > I just want the multicast traffic not to go out over the secured wifi as
> > it will kill the dreamplug with all the encryption it has to do etc.
>
> Hi Darragh,
>
> I'm afraid that you are out of luck. Beginning with kernel 2.6.20,
> Netfilter (iptables) can no longer filter traffic sent to a bridge based
> on which port the traffic will leave on. It can only do that on traffic
> between bridge ports.
>
> You will have to install and use brtables to accomplish your goal. You
> can use Shorewall Extension scripts to integrate your brtables commands
> with Shorewall start/stop/restart operations.
>
> Sorry,
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
> ------------------------------------------------------------------------------
> Don't let slow site performance ruin your business. Deploy New Relic APM
> Deploy New Relic app performance management and know exactly
> what is happening inside your Ruby, Python, PHP, Java, and .NET app
> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> http://p.sf.net/sfu/newrelic-dev2dev
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
--
Kind regards,
Darragh
Darragh O'Brien
Senior Solutions Consultant
Digisoft.tv Limited
Building 4200 C
Cork Airport Business Park
Kinsale Road
Cork
Ireland
Web: www.digisoft.tv
Tel: + 353 (0)21 4917272
Fax: + 353 (0)21 4917271
------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
