On Sun, 23 Dec 2001 [EMAIL PROTECTED] wrote: You need choice the bridge-firewall options in your kernel, this option is after the bridge options. remember select the options imcomplete-code first.
> Send Bridge mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > http://www.math.leidenuniv.nl/mailman/listinfo/bridge > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Bridge digest..." > > > Today's Topics: > > 1. will not filter correctly (Marc Cozzi) > 2. Using Bridge to Build a Linux Switch (Allan Liska) > 3. Re: Promiscuous Soup (Mathew McKernan) > > --__--__-- > > Message: 1 > From: Marc Cozzi <[EMAIL PROTECTED]> > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > Date: Sat, 22 Dec 2001 15:25:56 -0500 > Subject: [Bridge] will not filter correctly > > Happy holidays, > > I've installed RH 7.2 in an AMD K6 233 system with two > 3C905 nics. This is a 2.4.7-10 kernel, I think. > Downloaded the 2.4.16 kernel configured all the options for > netfilter and Ethernet bridge then installed > kernel-2.4.9-13brnf0.0.4.i686.rpm with the following command > rpm -ivp -ignorearch and all went well. > Then issued the following commands: > > /sbin/ifconfig eth0 0.0.0.0 > /sbin/ifconfig eth1 0.0.0.0 > /usr/local/sbin/brctl addbr br0 > /usr/local/sbin/brctl addif br0 eth0 > /usr/local/sbin/brctl addif br0 eth1 > /sbin/ifconfig br0 1.2.3.4 up > > The interfaces come up and start bridging correctly. I can even > ssh into the br0 interface. I have a system on the outside with the > IP 2.3.4.5 and one inside numbered 1.2.3.6. > > > However, none of the following > iptables commands seem to restrict data flow. > > iptables -I INPUT -s 2.3.4.5 -j DROP > iptables -I OUTPUT -s 2.3.4.5 -j DROP > iptables -I FORWARD -s 2.3.4.5 -j DROP > > iptables -I INPUT -d 1.2.3.6 -j DROP > iptables -I OUTPUT -d 1.2.3.6 -j DROP > iptables -I FORWARD -d 1.2.3.6 -j DROP > > I would think this should block all traffic between the > two systems. > > Do I need to go back and apply any of the patches? It's not > clear to me what the order of patches are for the 2.4.16 > kernel. > > Thanks for any help getting this working. > > marc > > --__--__-- > > Message: 2 > Date: Sat, 22 Dec 2001 17:58:14 -0500 > From: Allan Liska <[EMAIL PROTECTED]> > Reply-To: Allan Liska <[EMAIL PROTECTED]> > Organization: http://www.allan.org > To: [EMAIL PROTECTED] > Subject: [Bridge] Using Bridge to Build a Linux Switch > > Hello, > > I was wondering if anyone had successfully used bridge to build a > Linux-based switch? I was thinking that a system with 2-3 Quad Port > Ethernet Cards, might make a good switch. > > Any thoughts? > > Thanks! > > > allan > _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
