----- Original Message -----
From: "Tim Riley" <[EMAIL PROTECTED]>
To: "Bart De Schuymer" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, March 18, 2002 2:42 AM
Subject: Re: [Bridge] allowing external access to the bridge

> Hi Bart,
>
> The IP assigned to the bridge is actually not NAT'd as I am using all
> external IPs (hence my reason for using a bridge firewall). Here's a
> little background:
>
> It's a business cable modem account, bridged connection. I have 7 IPs
> (xx.xx.xx.44-50). The bridge/firewall currently has 2 NICs, eth0 to the
> net, and eth1 to the LAN. The bridged interface, br0, has the IP
> xx.xx.xx.50. I am able to access the firewall from all machines on its
> subnet, but I can't seem to punch an ssh hole from the internet.
>

You should do more testing. Put logs in your iptables rules that print out something when a packet arrives from your internet box. Use tcpdump to see if those packets ever even arrive. Can you ping to the bridge from outside? Can you ping to the hosts behind the bridge from outside?

Could be your provider does not allow connections with tcp ports below 1024. Try running sshd on a port above 1024 (sshd -p port). Ssh to the box on that port of course (ssh -p port). I know my cable provider does not allow them...

The bridge code is not responsible for you not being able to log in from the internet. Either your firewall rules are wrong, or your provider stops you.

cheers,
Bart

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
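
The checks suggested in the reply above, as an added example that is not part of the original message: it reads a tcpdump capture and the kernel lines written by an iptables LOG rule and reports where the SSH connection attempt stops. The "SSH-IN: " log prefix, the choice of the INPUT chain, the function names, the addresses and the sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example. Capture the inputs as root on the bridge (eth0 is the
# internet-side NIC from the thread; prefix and file names are assumptions):
#   iptables -I INPUT 1 -p tcp --dport 22 -j LOG --log-prefix "SSH-IN: "
#   tcpdump -n -i eth0 tcp port 22 > capture.txt
#   dmesg | grep "SSH-IN: " > kernel.txt

# count_matches REGEX: number of stdin lines matching REGEX (prints 0 on none).
count_matches() { grep -E -c -- "$1" || true; }

# classify PORT TCPDUMP_TEXT KERNEL_LOG_TEXT
# prints one of: upstream | pre-input | local | answered
classify() {
    port=$1 capture=$2 klog=$3
    # SYNs addressed to PORT, SYN-ACKs sent from PORT, LOG-rule hits for PORT
    syn=$(printf '%s\n' "$capture" | count_matches "> [0-9.]+\.${port}: Flags \[S\],")
    synack=$(printf '%s\n' "$capture" | count_matches "IP [0-9.]+\.${port} > .*: Flags \[S\.\],")
    logged=$(printf '%s\n' "$klog" | count_matches "SSH-IN: .* DPT=${port} ")
    if [ "$syn" -eq 0 ]; then
        echo upstream     # no SYN on eth0: provider filtering or wrong address
    elif [ "$logged" -eq 0 ]; then
        echo pre-input    # SYN on the wire, never reached the LOG rule in INPUT
    elif [ "$synack" -eq 0 ]; then
        echo local        # netfilter saw it, no reply: a later rule drops it or sshd is not listening
    else
        echo answered     # the bridge replied: check the return path or the client
    fi
}

# Constructed sample data (documentation addresses, not from the thread):
# the client retries its SYN and never gets a SYN-ACK back.
SAMPLE_CAPTURE='12:00:01.000000 IP 203.0.113.7.40000 > 198.51.100.50.22: Flags [S], seq 100, win 5840, length 0
12:00:04.000000 IP 203.0.113.7.40000 > 198.51.100.50.22: Flags [S], seq 100, win 5840, length 0'
SAMPLE_KLOG='kernel: SSH-IN: IN=br0 OUT= SRC=203.0.113.7 DST=198.51.100.50 PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 SYN URGP=0'

classify 22 "$SAMPLE_CAPTURE" "$SAMPLE_KLOG"
```

For the high-port test from the reply, start sshd on the other port, change `--dport` and the tcpdump filter to match, and pass that port as the first argument.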
