First off, the bridge implementation in Linux is such a cool idea! I have been using
it for my home network to firewall my cable connection for about a year and I just
passed the 1TB mark for packets passed through the bridge! :)
Here's my setup in an ASCII graphic which is pretty lame but hopefully will illuminate
my situation:
eth1(br0) --->
(Computer)
/
Cable --->eth0(br0 - Bridge 1 + iptables)- eth2(br0) ---> (Computer)
eth0 (Back to bridge1)
| \
/
wlan0 eth3(br0) -->
(Diskless workstation + Wireless Bridge) (br0 - Bridge2) - eth1 --- > (Computer)
\
wlan0
I am running into a new problem though. What I want to do is build a couple of low
cost 802.11b APs using HostAP and the bridging code with diskless machines. I can get
the diskless machine to work by making an initrd with all the necessary modules and
the bridging userspace tools with no problem. However, when I turn on the firewall
rules for bridge 1 to protect all the inside machines, NFS stops working on Bridge2. I
have narrowed it down to a problem with the ip_conntrack code. (I use a lot of
stateful filtering, e.g. -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT) Even
with all of the policies in the FILTER table set to ACCEPT it still drops NFS until I
remove the ip_conntrack and ipt_state modules and then it starts to work again...
Sorry if my description is confusing, it's kind of a complicated setup and I am not
sure how exactly to describe it. I probably would save myself a lot of headache to
just put a small disk in the other workstation, but I'm stubborn that way and I'm SO
CLOSE to getting it working.
Any input would be helpful! :)
Chris Shaw
IS Manager
Water Tech Industries
Phone: (888)-254-8412
Fax: (503)-261-9118
E-Mail: [EMAIL PROTECTED]
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge