Compiling the kernel sourceEbtables and bridge-netfilter are a part of the standard 2.6 kernel. Most Linux distributions enable this functionality in their custom kernels. However, if you want to build your own kernel, these steps have to be taken:
- With make menuconfig (or whatever) go to 'Device drivers->Networking support->Networking options'.
- Go to the bottom and check '802.1d Ethernet Bridging'. Check 'Network packet filtering (replaces ipchains)' and move into this directory.
- On a standard configuration iptables and arptables will see bridged traffic. If you don't want them to see bridged traffic, disable 'Bridged IP/ARP packets filtering'.
- Go to 'Bridge: Netfilter configuration' and enable the ebtables modules you want, for an explanation of what the modules do, see the help dialog inside the configuration tool or the ebtables man page.
Compiling and installing the userspace tool ebtables
If you download an official release, the steps are simple (replace
by the version you downloaded):
tar -xzf ebtables-vXXX.tar.gz cd ebtables-vXXX makeThe above compiles the ebtables source. To install the tool, do the following:
sudo make installIf you use the CVS version, you will need to specify the directory that contains the header files. You should specify the include directory from a recent 2.6 kernel, preferrably the one that corresponds to your kernel (see
make install KERNEL_INCLUDES=<kernel_dir>/include/There are some compile time options to specify the destination directories (you usually shouldn't care about these):
LIBDIRdenotes the directory where to put the shared libraries and defaults to
MANDIRdenotes the directory where to put the man page and defaults to
/man8subdirectory should not be specified).
BINDIRdenotes the directory where to put the ebtables executable and defaults to
/sbinin earlier versions of ebtables).
etcdirectory (defaults to
ETHERTYPESPATHdenotes the directory where to put the
ethertypesfile, which contains the assigned Ethernet protocol names (defaults to
DESTDIRdenotes the base directory, by default it is not set. If set, all files will be copied to places relative to
/(the root directory).