Selective "bridging" based on MAC address?
The set-top-box of the local cable company (Telenet) requires a "direct" connection with the cable-modem, whereas most of my network is behind my Linux firewall/router. So far this meant that there was a separate powerLan network to create the direct connection between cable-modem and STB, but that's a mess and causes interference with the powerLan I use for my real LAN.
Now, since I use a full-fledged Linux firewall, I was wondering whether I could somehow change my IPTables rules so that, for traffic to & from the STB's MAC address, the Linux firewall would act more like a bridge, allowing me to connect the STB to my normal (physical) LAN while still having it get an IP address directly from the cable-modem and being able to send/receive broadcasts to/from that cable modem... For everything else on the LAN the firewall should of course still apply NAT and the normal blocking of inbound packets.
Also note that the cable-modem itself will give the Linux server (or any machine other than the STB) a public IP address, but will give the STB one in the 10.x.x.x range.
I see all kinds of possible problems, but since I'm not really a networking expert, I would like the input from some who are, on whether this is somehow possible.
Thanks in advance for your useful input ...
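The setup asked about above, as an added example that is not part of the original post: the Linux box bridges the modem-side NIC and the LAN-side NIC, a layer-2 ebtables ruleset lets only frames from/to the STB's MAC cross that bridge (iptables alone cannot do this part, because it never sees the MAC-level frames the STB exchanges with the modem), and iptables keeps doing NAT and inbound blocking for everything else routed through the box. The interface names eth0/eth1/br0, the private subnet 192.168.1.0/24, the dhclient call and the STB MAC 00:11:22:33:44:55 are all assumptions to be replaced; nothing here is Telenet-specific.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed layout, change to match:
#   eth0 = NIC cabled to the cable modem, eth1 = NIC cabled to the LAN switch,
#   br0  = bridge spanning both, STB_MAC = placeholder MAC of the set-top box,
#   LAN_NET/LAN_IP = private subnet the Linux box serves with NAT.
# Without arguments the script only prints the commands (dry run); --apply runs them.
set -eu

WAN_IF=${WAN_IF:-eth0}
LAN_IF=${LAN_IF:-eth1}
BR_IF=${BR_IF:-br0}
STB_MAC=${STB_MAC:-00:11:22:33:44:55}   # placeholder, not a real device
LAN_NET=${LAN_NET:-192.168.1.0/24}
LAN_IP=${LAN_IP:-192.168.1.1/24}
APPLY=${APPLY:-0}

run() {
    if [ "$APPLY" = 1 ]; then "$@"; else echo "$*"; fi
}

create_bridge() {
    # The box hangs off br0 with its private LAN address (static) and its public
    # address (DHCP from the modem). Keeping bridge-nf-call-iptables off means
    # iptables sees only routed packets and ebtables only bridged frames.
    run ip link add "$BR_IF" type bridge
    run ip addr add "$LAN_IP" dev "$BR_IF"
    run sysctl -q -w net.ipv4.ip_forward=1
    if [ -e /proc/sys/net/bridge/bridge-nf-call-iptables ]; then
        run sysctl -q -w net.bridge.bridge-nf-call-iptables=0
    fi
}

bridge_rules() {
    # Layer 2: nothing crosses between modem port and LAN port unless it is the
    # STB's. Policy DROP first, so a partially applied ruleset fails closed.
    run ebtables -F
    run ebtables -P FORWARD DROP
    run ebtables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$STB_MAC" -j ACCEPT
    run ebtables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -d "$STB_MAC" -j ACCEPT
    # The modem must be able to ARP for the STB, and DHCP replies to the STB may
    # come back as broadcasts; only those two broadcast kinds get onto the LAN side.
    run ebtables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -d Broadcast -p ARP -j ACCEPT
    run ebtables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -d Broadcast -p IPv4 \
        --ip-proto udp --ip-dport 68 -j ACCEPT
    # Broadcasts are also delivered to the bridge host itself. Without this rule
    # a DHCP server on the Linux box would answer the STB's DHCP discover and
    # hand it a LAN address instead of the modem's 10.x.x.x one.
    run ebtables -A INPUT -s "$STB_MAC" -j DROP
}

router_rules() {
    # Layer 3: the usual NAT router for everyone else. In and out are both br0,
    # so LAN hosts are recognised by source subnet rather than by interface.
    run iptables -F
    run iptables -t nat -F
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    run iptables -A INPUT -i lo -j ACCEPT
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A INPUT -p udp --dport 67:68 -j ACCEPT   # DHCP: LAN clients in, modem replies to us
    run iptables -A INPUT -s "$LAN_NET" -j ACCEPT          # DNS/SSH/etc. from the LAN only
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -s "$LAN_NET" ! -d "$LAN_NET" -j ACCEPT
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" ! -d "$LAN_NET" -o "$BR_IF" -j MASQUERADE
}

attach_ports() {
    # Ports join the bridge only after both rulesets are in place, so the LAN is
    # never, even briefly, flat-bridged onto the modem segment.
    run ip link set "$WAN_IF" master "$BR_IF"
    run ip link set "$LAN_IF" master "$BR_IF"
    run ip link set "$WAN_IF" up
    run ip link set "$LAN_IF" up
    run ip link set "$BR_IF" up
    run dhclient -nw "$BR_IF"   # assumed DHCP client; fetches the public address from the modem
}

configure() { create_bridge; bridge_rules; router_rules; attach_ports; }

case "${1:-}" in
    --apply) APPLY=1; configure ;;
    "")      configure ;;
    *)       echo "usage: $0 [--apply]" >&2; exit 2 ;;
esac
```

Two things to check after applying: `ebtables -L --Lc` should show counters climbing only on the STB rules while the STB boots, and a LAN client running a DHCP discover must get an answer from the Linux box, not a 10.x.x.x lease from the modem. The one-way broadcast allowance (modem to LAN, ARP and DHCP replies only) is the deliberate trade-off here: the STB's own broadcasts still reach the LAN switch, because the switch floods them, but nothing a LAN host sends ever reaches the modem.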