I've solved my problem... I had one 3com 3C905C and one Linksys (tulip) ethernet card in the bridge machine. I replaced the Linksys card with another 3C905C and now the bridge works.

Now I'm off to see how much more trouble I can get into!

Does anyone know why the Linksys card didn't work? Is it a driver problem or a hardware problem?

Regards,

Brad

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Martin Bammer
Sent: Monday, January 13, 2003 12:51 AM
To: [EMAIL PROTECTED]
Subject: Re: [Bridge] Help for a newbie

On Monday, 13 January 2003 01:20, Brad Morgan wrote:
> I'm trying to get bridging to work with a RedHat 8.0 system (kernel
> 2.4.18-19.8.0) and I'm not having much success.
>
> I have a Linux Firewall (RH 8.0) connected to an Adelphia cable modem on
> eth0 and my home network hub on eth1. The bridge machine and 4 Windows
> machines are connected to the hub.
>
> I reconfigured as follows:
>
> Remove the firewall eth1 connection to the hub and connect it with a
> crossover cable to eth0 on the bridge machine. The eth1 interface on the
> bridge machine remains connected to the hub.
>
> I'm attempting a simple experiment first so I've set my Netfilter rules as
> follows:
>
> iptables --policy INPUT ACCEPT
> iptables --policy OUTPUT ACCEPT
> iptables --policy FORWARD ACCEPT
>
> iptables -t nat --policy PREROUTING ACCEPT
> iptables -t nat --policy OUTPUT ACCEPT
> iptables -t nat --policy POSTROUTING ACCEPT
>
> iptables -t mangle --policy PREROUTING ACCEPT
> iptables -t mangle --policy OUTPUT ACCEPT
>
> # Remove any existing rules from the built-in chains
> iptables --flush
> iptables -t nat --flush
> iptables -t mangle --flush
>
> # Remove any pre-existing user-defined chains
> iptables --delete-chain
> iptables -t nat --delete-chain
> iptables -t mangle --delete-chain
>
> I configure the bridge as follows:
>
> ifconfig eth0 down
> ifconfig eth1 down
> ifconfig eth0 0.0.0.0 promisc
> ifconfig eth1 0.0.0.0 promisc
> brctl addbr br0
> brctl stp br0 off
> brctl addif br0 eth0
> brctl addif br0 eth1
> ifconfig br0 192.168.0.2 up
> route add default gw 192.168.0.100
>
> "brctl showmacs br0" shows the ethernet addresses of all machines as
> expected and using gbrctl the ethernet interfaces go from listening to
> learning to forwarding as expected.
>
> None of the Windows machines can see the firewall with the bridge enabled.
> Ethereal shows packets being on eth0 but no responses from either the
> bridge machine or the firewall.
>
> /var/log/messages contains:
>
> Jan 12 15:45:44 Polo-Morgan kernel: ip_conntrack (512 buckets, 4096 max)
> Jan 12 15:47:30 Polo-Morgan kernel: NET4: Ethernet Bridge 008 for NET4.0
> Jan 12 15:47:31 Polo-Morgan kernel: device eth0 entered promiscuous mode
> Jan 12 15:47:31 Polo-Morgan /etc/hotplug/net.agent: invoke ifup br0
> Jan 12 15:47:31 Polo-Morgan kernel: device eth1 entered promiscuous mode
> Jan 12 15:47:31 Polo-Morgan kernel: eth0: Setting promiscuous mode.
> Jan 12 15:47:31 Polo-Morgan last message repeated 4 times
> Jan 12 15:47:31 Polo-Morgan kernel: eth1: Promiscuous mode enabled.
> Jan 12 15:47:31 Polo-Morgan last message repeated 3 times
> Jan 12 15:47:31 Polo-Morgan kernel: br0: port 2(eth1) entering listening state
> Jan 12 15:47:31 Polo-Morgan kernel: br0: port 1(eth0) entering listening state
> Jan 12 15:47:46 Polo-Morgan kernel: br0: port 2(eth1) entering learning state
> Jan 12 15:47:46 Polo-Morgan kernel: br0: port 1(eth0) entering learning state
> Jan 12 15:48:01 Polo-Morgan kernel: br0: port 2(eth1) entering forwarding state
> Jan 12 15:48:01 Polo-Morgan kernel: br0: topology change detected, propagating
> Jan 12 15:48:01 Polo-Morgan kernel: br0: port 1(eth0) entering forwarding state
> Jan 12 15:48:01 Polo-Morgan kernel: br0: topology change detected, propagating
> Jan 12 15:50:20 Polo-Morgan kernel: eth0: Setting promiscuous mode.
> Jan 12 15:54:52 Polo-Morgan ntpd[657]: synchronisation lost
> Jan 12 16:05:47 Polo-Morgan kernel: br0: port 2(eth1) entering disabled state
> Jan 12 16:05:47 Polo-Morgan kernel: br0: port 1(eth0) entering disabled state
> Jan 12 16:05:48 Polo-Morgan kernel: br0: port 1(eth0) entering disabled state
> Jan 12 16:05:48 Polo-Morgan kernel: br0: port 2(eth1) entering disabled state
>
> It looks like it should be working but I've probably overlooked something
> stupid. Can someone enlighten me?
>
> Thanks,
>
> Brad Morgan

I think the problem is: eth0 and eth1 are still down. And what is with the netmask in line

> ifconfig br0 192.168.0.2 up

Try something like that:

ifdown eth0
ifdown eth1
ifconfig eth0 0.0.0.0 promisc up || return=$rc_failed
ifconfig eth1 0.0.0.0 promisc up || return=$rc_failed
brctl addbr br0 || return=$rc_failed
brctl addif br0 eth0 || return=$rc_failed
brctl addif br0 eth1 || return=$rc_failed
brctl sethello br0 1 || return=$rc_failed
brctl setmaxage br0 4 || return=$rc_failed
brctl setfd br0 4 || return=$rc_failed
brctl stp br0 off || return=$rc_failed
ifconfig br0 192.168.1.60 netmask 255.255.255.0 up || return=$rc_failed
route add default gw 192.168.1.1

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
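The bridge port-state lines in the /var/log/messages excerpt quoted in this thread can be checked mechanically rather than by eye. The following is an added example, not code from any poster or from the bridge project: it rebuilds each port's state timeline and the time from listening to forwarding. The function names and the `year` parameter are assumptions (syslog timestamps carry no year), and the sample input is constructed from the quoted log with wrapped lines rejoined.

```python
import re
from datetime import datetime

# Constructed sample: bridge lines from the log quoted in the thread, wrapped lines rejoined.
SAMPLE_LOG = """\
Jan 12 15:47:31 Polo-Morgan kernel: br0: port 2(eth1) entering listening state
Jan 12 15:47:31 Polo-Morgan kernel: br0: port 1(eth0) entering listening state
Jan 12 15:47:46 Polo-Morgan kernel: br0: port 2(eth1) entering learning state
Jan 12 15:47:46 Polo-Morgan kernel: br0: port 1(eth0) entering learning state
Jan 12 15:48:01 Polo-Morgan kernel: br0: port 2(eth1) entering forwarding state
Jan 12 15:48:01 Polo-Morgan kernel: br0: topology change detected, propagating
Jan 12 15:48:01 Polo-Morgan kernel: br0: port 1(eth0) entering forwarding state
Jan 12 16:05:47 Polo-Morgan kernel: br0: port 2(eth1) entering disabled state
Jan 12 16:05:47 Polo-Morgan kernel: br0: port 1(eth0) entering disabled state
"""

# Matches only the "<bridge>: port N(<iface>) entering <state> state" kernel lines.
PORT_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: "
    r"(\w+): port (\d+)\(([^)]+)\) entering (\w+) state")

def port_timeline(log_text, year=2003):
    """Return {(bridge, iface): [(datetime, state), ...]} in log order."""
    timeline = {}
    for line in log_text.splitlines():
        m = PORT_RE.match(line)
        if not m:
            continue  # topology-change and non-bridge lines are skipped
        stamp, bridge, _port, iface, state = m.groups()
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        timeline.setdefault((bridge, iface), []).append((when, state))
    return timeline

def summarize(timeline):
    """Per port: final state and seconds from first listening to first forwarding."""
    out = {}
    for key, events in timeline.items():
        first = {}
        for when, state in events:
            first.setdefault(state, when)  # keep the earliest time each state was seen
        delay = None  # stays None if the port never reached forwarding
        if "listening" in first and "forwarding" in first:
            delay = int((first["forwarding"] - first["listening"]).total_seconds())
        out[key] = {"final": events[-1][1], "secs_to_forwarding": delay}
    return out

if __name__ == "__main__":
    for (bridge, iface), info in summarize(port_timeline(SAMPLE_LOG)).items():
        print(bridge, iface, info)
```

On the sample, both ports reach forwarding 30 seconds after listening, so the log alone does not distinguish a port that forwards frames from one whose NIC or driver drops them; a packet capture on each side is still needed for that.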
