I'm trying to get bridging to work with a RedHat 8.0 system (kernel 2.4.18-19.8.0) and I'm not having much success.

I have a Linux Firewall (RH 8.0) connected to an Adelphia cable modem on eth0 and my home network hub on eth1. The bridge machine and 4 Windows machines are connected to the hub.

I reconfigured as follows: Remove the firewall eth1 connection to the hub and connect it with a crossover cable to eth0 on the bridge machine. The eth1 interface on the bridge machine remains connected to the hub.

I'm attempting a simple experiment first so I've set my Netfilter rules as follows:

    iptables --policy INPUT ACCEPT
    iptables --policy OUTPUT ACCEPT
    iptables --policy FORWARD ACCEPT
    iptables -t nat --policy PREROUTING ACCEPT
    iptables -t nat --policy OUTPUT ACCEPT
    iptables -t nat --policy POSTROUTING ACCEPT
    iptables -t mangle --policy PREROUTING ACCEPT
    iptables -t mangle --policy OUTPUT ACCEPT

    # Remove any existing rules from the built-in chains
    iptables --flush
    iptables -t nat --flush
    iptables -t mangle --flush

    # Remove any pre-existing user-defined chains
    iptables --delete-chain
    iptables -t nat --delete-chain
    iptables -t mangle --delete-chain

I configure the bridge as follows:

    ifconfig eth0 down
    ifconfig eth1 down
    ifconfig eth0 0.0.0.0 promisc
    ifconfig eth1 0.0.0.0 promisc
    brctl addbr br0
    brctl stp br0 off
    brctl addif br0 eth0
    brctl addif br0 eth1
    ifconfig br0 192.168.0.2 up
    route add default gw 192.168.0.100

"brctl showmacs br0" shows the ethernet addresses of all machines as expected and using gbrctl the ethernet interfaces go from listening to learning to forwarding as expected.

None of the Windows machines can see the firewall with the bridge enabled. Ethereal shows packets being on eth0 but no responses from either the bridge machine or the firewall.

/var/log/messages contains:

    Jan 12 15:45:44 Polo-Morgan kernel: ip_conntrack (512 buckets, 4096 max)
    Jan 12 15:47:30 Polo-Morgan kernel: NET4: Ethernet Bridge 008 for NET4.0
    Jan 12 15:47:31 Polo-Morgan kernel: device eth0 entered promiscuous mode
    Jan 12 15:47:31 Polo-Morgan /etc/hotplug/net.agent: invoke ifup br0
    Jan 12 15:47:31 Polo-Morgan kernel: device eth1 entered promiscuous mode
    Jan 12 15:47:31 Polo-Morgan kernel: eth0: Setting promiscuous mode.
    Jan 12 15:47:31 Polo-Morgan last message repeated 4 times
    Jan 12 15:47:31 Polo-Morgan kernel: eth1: Promiscuous mode enabled.
    Jan 12 15:47:31 Polo-Morgan last message repeated 3 times
    Jan 12 15:47:31 Polo-Morgan kernel: br0: port 2(eth1) entering listening state
    Jan 12 15:47:31 Polo-Morgan kernel: br0: port 1(eth0) entering listening state
    Jan 12 15:47:46 Polo-Morgan kernel: br0: port 2(eth1) entering learning state
    Jan 12 15:47:46 Polo-Morgan kernel: br0: port 1(eth0) entering learning state
    Jan 12 15:48:01 Polo-Morgan kernel: br0: port 2(eth1) entering forwarding state
    Jan 12 15:48:01 Polo-Morgan kernel: br0: topology change detected, propagating
    Jan 12 15:48:01 Polo-Morgan kernel: br0: port 1(eth0) entering forwarding state
    Jan 12 15:48:01 Polo-Morgan kernel: br0: topology change detected, propagating
    Jan 12 15:50:20 Polo-Morgan kernel: eth0: Setting promiscuous mode.
    Jan 12 15:54:52 Polo-Morgan ntpd[657]: synchronisation lost
    Jan 12 16:05:47 Polo-Morgan kernel: br0: port 2(eth1) entering disabled state
    Jan 12 16:05:47 Polo-Morgan kernel: br0: port 1(eth0) entering disabled state
    Jan 12 16:05:48 Polo-Morgan kernel: br0: port 1(eth0) entering disabled state
    Jan 12 16:05:48 Polo-Morgan kernel: br0: port 2(eth1) entering disabled state

It looks like it should be working but I've probably overlooked something stupid. Can someone enlighten me?

Thanks,
Brad Morgan

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
