On Fri, Feb 19, 2010 at 08:06:43AM +1100, Alex Samad wrote:
> Hi
>
> I am a bit confused. I have a bridged interface with 2 active interfaces,
> eth0 and eth1, and ip forwarding off.
>
> I have turned off ip forwarding. I thought brctl created an ethernet
> bridge - same broadcast domain between the interfaces. But I noticed a
> lot of firewall blocks in my iptables forward chain, in=br0 out=br0.
>
> Is this normal?
Seems like I might not have given enough information. I have eth0, eth1 bridged together into br0, I have ipv4 forwarding turned off in sysctl, and I have a rule in iptables filter/FORWARD that logs all packets that don't match my allow rules. I have had to add a line

-i br0 -o br0 -j ACCEPT

My question is why (and how long has it been like this) that iptables sees packets on the bridged network, and why in the forward table, especially when I have forwarding off?

Alex
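The behaviour Alex describes comes from the bridge netfilter hook: when it is active (sysctl net.bridge.bridge-nf-call-iptables = 1, which is the default once the bridge code is loaded), frames forwarded between bridge ports are handed to the iptables FORWARD chain with IN=br0 OUT=br0, independently of net.ipv4.ip_forward, which only governs routing between interfaces. The script below is an added example for this thread, not something Alex or the list posted: it reads that sysctl if present, classifies its value, and runs over a few constructed LOG lines to count bridged FORWARD hits and pull out the PHYSIN/PHYSOUT ports the LOG target records for bridged frames. The log lines, host name and addresses are made up for the example.

```shell
#!/bin/sh
# Added example (not from the original thread): audit why iptables FORWARD
# sees bridged traffic, and summarise what the LOG rule has been catching.

# Classify the value of net.bridge.bridge-nf-call-iptables.
# 1 = bridged IPv4 frames traverse the iptables FORWARD chain (ip_forward is irrelevant)
# 0 = bridged frames bypass iptables entirely (ebtables still applies)
bridge_nf_state() {
  case "$1" in
    1) echo "bridged frames traverse iptables FORWARD (ip_forward does not apply)" ;;
    0) echo "bridged frames bypass iptables" ;;
    absent) echo "bridge netfilter knob not present (bridge module not loaded?)" ;;
    *) echo "unknown value: $1" ;;
  esac
}

# Read the live knob if this host has it; print "absent" otherwise so the
# script also runs on machines without a bridge.
read_bridge_nf() {
  f=/proc/sys/net/bridge/bridge-nf-call-iptables
  if [ -r "$f" ]; then cat "$f"; else echo absent; fi
}

# Count kernel LOG lines (on stdin) that entered and left via the same bridge.
# $1 = bridge interface name. grep -c prints 0 on no match; "|| :" hides its exit status.
count_bridged_forward_hits() {
  grep -c "IN=$1 OUT=$1 " || :
}

# For one LOG line on stdin, print "PHYSIN PHYSOUT": the physical bridge ports
# the frame crossed. These fields appear only when bridge netfilter is active,
# and they are what a "-m physdev --physdev-in/--physdev-out" rule matches on.
phys_ports() {
  sed -n 's/.*PHYSIN=\([^ ]*\) .*PHYSOUT=\([^ ]*\) .*/\1 \2/p'
}

# Constructed sample of what the FORWARD LOG rule would emit (not real captures).
SAMPLE_LOG='Feb 19 08:10:01 gw kernel: FWD-DROP IN=br0 OUT=br0 PHYSIN=eth0 PHYSOUT=eth1 SRC=192.0.2.10 DST=192.0.2.20 PROTO=TCP DPT=445
Feb 19 08:10:02 gw kernel: FWD-DROP IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC=192.0.2.20 DST=192.0.2.10 PROTO=UDP DPT=137
Feb 19 08:10:03 gw kernel: FWD-DROP IN=eth2 OUT=br0 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=22'

FIRST_LINE=$(printf '%s\n' "$SAMPLE_LOG" | head -n 1)

# Stand-alone run: show the live knob and the sample summary.
state=$(read_bridge_nf)
echo "bridge-nf-call-iptables = $state: $(bridge_nf_state "$state")"
echo "bridged (br0->br0) FORWARD log hits in sample: $(printf '%s\n' "$SAMPLE_LOG" | count_bridged_forward_hits br0)"
echo "physical ports of first hit: $(printf '%s\n' "$FIRST_LINE" | phys_ports)"
```

Two remedies follow from the output, and they differ in what the firewall keeps seeing. Setting net.bridge.bridge-nf-call-iptables to 0 stops bridged frames from entering iptables at all, so the `-i br0 -o br0 -j ACCEPT` line becomes unnecessary, but any filtering of bridged traffic then has to be done in ebtables. Leaving the knob at 1 keeps iptables in the path, in which case the PHYSIN/PHYSOUT values make it possible to write port-specific rules with `-m physdev` instead of a blanket accept on br0, which is the option to prefer when the bridge is meant to act as a transparent filter.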