[CentOS] Optimizing CentOS for gigabit firewall
Les Mikesell
lesmikesell at gmail.com
Sat Dec 19 16:42:31 UTC 2009
Peter Serwe wrote:
> So basically, you're saying you'd want to allow or disallow traffic
> based on mac address? Seems like you could put mac filters on a number
> switches, Cisco being the most easily documented by Mr. Google.
>
> Be a lot faster than any kernel, and a total waste of BSD. If you can
> do it on Linux via some other mechanism, go for it.
>
Or perhaps use a VLAN trunk to the switch with the devices you want to isolate
on different VLANs. This gives you a different interface/subnet per VLAN for
more natural control.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list