Don't you have to set up a chain with the same name as the bridge?
Like so:
iptables -N br0
iptables -A br0 -s 203.1.2.0/24 -j DROP
I thought that the built-in chains were not used with bridging ...
--Merrick Munday
-----Original Message-----
From: SinChanKeppel [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 5:10 AM
To: [EMAIL PROTECTED]
Subject: [Bridge] iptables
I have settled the br_add_bridge problem...
Now I need to test iptables.
I do this:
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0
ifconfig br0 203.1.1.1
iptables -A INPUT -s 203.1.2.0/24 -j DROP
But it looks like the packets that come from 203.1.2.0/24 can still go through...
My kernel is 2.4.7 and I have run through all the steps from http://bridge.sourceforge.net/devel/bridge-nf/HOWTO
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
