On Fri, Feb 01, 2002 at 12:11:34PM -0500, Madhu MV Murty wrote:
> I am trying to configure the iptables after I have configured bridge. The
> kernel is 2.4.14. What I am trying to do is to restrict or drop all packets
> coming from the interface eth1.
>
> The setup is as follows:
>
> Network(192.168.1.0) <------> (192.168.1.1)Router A
> (172.16.0.2)(NAT)<-----------> Bridge <-----------------> (172.16.0.1)Router
> B(83.x.x.x-public)(NAT) <------------------->Internet
>
> The interfaces on the bridge are configured 0.0.0.0 and I have assigned an
> IP address to the bridge br0 - 172.16.0.3
>
> I have given a statement iptables -A INPUT -j DROP - this statement blocks
> all traffic coming to the box.
>
> iptables -A FORWARD -j DROP does not block traffic flowing from the network
> to the outside world, i.e. internet. If I ping www.yahoo.com from the Router A
> or from a laptop on the 192.168.1.0 network, it still works and I am still
> able to browse the internet from the laptop.
>
> What is missing here ??

The bridge firewall patch!! That, or you have a loop in your topology
which causes your bridge not to bridge.

cheers,
Lennert
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
