On Po, 2003-02-24 at 14:53, Drew Einhorn wrote: > On Mon, 2003-02-24 at 03:53, - = k o l i s k o = - wrote: > > > But i dont have a IP address on the bridge interface (nor eth0, eth1). I > > think this should be the problem, but in my case i can't assigned IP > > address on a bridge interface. Becouse the interface is in transit > > subnetwork with prefix /30 (it means only 4 addresses - network, server1 > > addres, server2 address and broadcast. There is no place for IP address > > for bridge interface). I cant enlarge this subnetwork. > > Put another interface eth2 in the box and put it on an network used > exclusively for network management and security devices. No user > traffic.
In reality the firewall have this interface. It has 6 interfaces. My question was not about how to manage this machine (it has a special interface only for management), but how to route some traffic from bridge to non bridge interface. The bridge has not IP address and i am using DNAT for it. But in kern.log i see this: Performing cross-bridge DNAT requires IP forwarding to be enabled but ip_forwarding is turned on, it is set to "1". It is probably a bug in bridge code. kolisko > > -- > Drew Einhorn <[EMAIL PROTECTED]> > -- --- Michal Kolesár [EMAIL PROTECTED] http://kolisko.penguin.cz +420.777.225.297 Don't send me any attachment in Micro$oft (.DOC, .PPT) format please Read http://www.fsf.org/philosophy/no-word-attachments.html Preferable attachments: .PDF, .HTML, .TXT Thanx for adding this text to Your signature _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
