[CentOS] Optimizing CentOS for gigabit firewall

Les Mikesell lesmikesell at gmail.com
Sat Dec 19 16:42:31 UTC 2009


Peter Serwe wrote:
> So basically, you're saying you'd want to allow or disallow traffic 
> based on mac address?  Seems like you could put mac filters on a number 
> switches, Cisco being the most easily documented by Mr. Google.
> 
> Be a lot faster than any kernel, and a total waste of BSD.  If you can 
> do it on Linux via some other mechanism, go for it.
> 

Or perhaps use a VLAN trunk to the switch with the devices you want to isolate 
on different VLANs.  This gives you a different interface/subnet per VLAN for 
more natural control.

-- 
   Les Mikesell
    lesmikesell at gmail.com



More information about the CentOS mailing list