Find the answer to your Linux question:
Results 1 to 6 of 6
Is there any way to disable or firewall Spanning Tree Procol in the linux kernel, ebtables, or iptables?...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2009
    Posts
    12

    Block spanning tree protocol


    Is there any way to disable or firewall Spanning Tree Procol in the linux kernel, ebtables, or iptables?

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Sure, if you know what port it is using then just block that port. But why would you want to block STP.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    May 2009
    Posts
    12
    I don't know if iptables works on layer 2 protocols, the port is only listed in hex 0x8002, i think i've already converted that to decimal, but i can't block the port.
    I don't like STP across my wireless, because it's annoying and consumes uncessary bandwidth, just for a home wireless network. I'm not worried about the need for having spanning tree protocol run across my home wireless network. I don't have any need for redundant switches. I know it might be useful if i had backup switches or something like that, but I don't use those.

  4. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    In that case why not shut off STP totally if not needed? What type of switch are you running?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  5. #5
    Just Joined!
    Join Date
    May 2009
    Posts
    12
    im unable to at the switch. Unforunatley I can't get a terminal and there's no option to shut off STP. I'm trying to block it at the client at the least.

    Thanks

  6. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    What you are going to need to do is create a VLAN for the port that you want to block STP on and then issue the following command:

    Code:
    no spanning-tree vlan vlan_ID
    That should disable STP for that port on a Cisco Switch.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •