Hello Bob,
I can only answer a part of your question about bridging.
Bridging can be setup by loading the bridge.o module and editing
/etc/network/interfaces, something like:
auto br0
iface br0 inet static
address 192.168.1.254
netmask 255.255.255.0
broadcast 192.168.1.255
bridge_ports all
http://leaf.sourceforge.net/doc/guide/bubridge.html
Bridging firewalling is possible by using ebtables, but I don't have a
document on how to set it up. The homepage is:
http://ebtables.sourceforge.net/
Kernel modules are available in the modules tarball and an ebtables
package can be found in the BuC package repository.
Eric
> Dear List,
>
>
> I am currently using LEAF-Bering uClibc 2.3 on a WRAP platform with 3
> NICs. One NIC is for ADSL-PPPOE, the second for internal networks and
> the third for a WLAN access point. To protect the WLAN, I use OpenVPN to
> connect clients with Windows XP. Because of problems with MS share
> browsing (it doesn't behave at all well with a mixture of domain and
> non-domain members as clients, some client can get a browse list over a
> router and others cannot. Samba with WINS support is used as the domain
> controller), I wanted to change the OpenVPN from a tunnelled connection to
> a bridged one (so I can browse for shares over the WLAN). I seem to be
> stuck where I need to set up the bridging device br0 on the LEAF box, but
> can't find how (I'm not a Linux expert). I have read all the howto's
> forOpenVPN and LEAF in bridge mode but am still missing a part of the
> picture somehow. I want to use LEAF as a firewall, of course, but the
> howto for bridging says that this is not possible. Maybe I am
> misunderstanding it? My LEAF box is set up:
>
>
> etho -> PPPOE -> Internet eth1 -> 192.168.0.0/24 -> Router ->
> 192.168.1.0/24 -> Clients / Servers
> eth2 -> 192.168.10.0/24 -> WLAN AP (Bridges) -> XP Laptops
>
> So I want to set up bridging for the WLAN link such that the OpenVPN
> packets that are decrypted by the LEAF box send them out of eth1 with
> appropriate addresses (delivered to the OpenVPN clients by the OpenVPN
> package on the LEAF box itself). The client side seems to work OK and I
> can get a connection to the LEAF box, with the client receiving new IP and
> routing information over the OpenVPN link. But the connection is
> imcomplete and the clients sit sending ARP requests for the 192.168.0.0
> network that do not get answered. Is there a way of achieving this, or do
> I want the impossible ?
>
>
> Many thanks,
>
>
> R
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting
> language that extends applications into web and mobile media. Attend the
> live webcast and join the prime developer group breaking into this new
> coding territory!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
> ------------------------------------------------------------------------
> leaf-user mailing list: [email protected]
> https://lists.sourceforge.net/lists/listinfo/leaf-user
> Support Request -- http://leaf-project.org/
>
>
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
