At least with the current bridge_nf patchset, there is no noticeable
difference between routing or bridging when it comes to
netfilter/iptables. The chains work in the same manner.
I haven't used the 2.4.7 patch, but my impression is that it works
similary.
--
Henrik Nordstrom
MARA Systems AB
"Munday, Merrick" wrote:
>
> Don't you have to set up a chain with the same name as the bridge?
>
> Like so:
>
> iptables -N br0
> iptables -A br0 -s 203.1.2.0/24 -j DROP
>
> I thought that the built-in chains were not used with bridging ...
>
> --Merrick Munday
>
> -----Original Message-----
> From: SinChanKeppel [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 18, 2001 5:10 AM
> To: [EMAIL PROTECTED]
> Subject: [Bridge] iptables
>
> i have sattle the br_add_bridge problem...
> now i need to test the iptables..
>
> i do this
>
> brctl addbr br0
> brctl addif br0 eth0
> brctl addif br0 eth1
> ifconfig eth0 0.0.0.0
> ifconfig eth1 0.0.0.0
> ifconfig br0 203.1.1.1
>
> iptables -A INPUT -s 203.1.2.0/24 -j DROP
>
> but looks like the packets that come from 203.1.2.0/24 still can go
> through...
>
> my kernel is 2.4.7 and i have run through all the steps from
> http://bridge.sourceforge.net/devel/bridge-nf/HOWTO
>
> _______________________________________________________________
> Get FREE Email, Chat Rooms and Games at http://www.lovemail.com
> _______________________________________________
> Bridge mailing list
> [EMAIL PROTECTED]
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
