Thx Eric and Erich while experimenting with shorewall I finally found it .. I indeed stopped the firewall but had to add what was possible to do when it was stopped: so add to /etc/shorewall/firewallstopped : br0 192.168.1.0/24 routeback
Tom Citeren Eric Spakman <[EMAIL PROTECTED]>: > Hi Tom, > > I'm not sure what your setup looks like and why you need bridging. But if > you don't need firewall functionality, just remove shorwall.lrp from > leaf.cfg and try again. > Otherwise read the shorewall documentation about bridging: > http://www.shorewall.net/SimpleBridge.html and > http://www.shorewall.net/3.0/NewBridge.html > > > Eric > > > > >> Hi Eric, my messages log says though: "firewall root: Shorewall Stopped" >> >> >> when I try to ping it gives the following: >> >> firewall# ping 192.168.1.254 PING 192.168.1.254 (192.168.1.254): 56 data >> bytes ping: sendto: Invalid argument >> >> >> Tom >> >> >> Citeren Eric Spakman <[EMAIL PROTECTED]>: >> >> >>> Hi Tom, >>> >>> >>> Can you ping the bridge interface from the firewall itself? >>> >>> >>> I guess shorewall is blocking the ping, because it's probably not setup >>> for bridging. >>> >>> >>> Eric >>> >>> >>> >>>> extra info down.. >>>> >>>> Citeren Tom Hendrickx <[EMAIL PROTECTED]>: >>>> >>>> >>>> >>>>> Hallo Eric, >>>>> >>>>> >>>>> >>>>> Citeren Eric Spakman <[EMAIL PROTECTED]>: >>>>> >>>>> >>>>> >>>>>> Hello Tom, >>>>>> >>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Ok thanks .. I have no idea how I could have looked over it >>>>>>>>> in the ISO image, but I did :$ >>>>>>>>> >>>>>>>>> Making it work is another problem I fear >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> I've added the bridge.lrp .. put it also in leaf.cfg >>>>>>>>> bridge.o is also added and for my interface : e100.o >>>>>>>>> >>>>>>>>> and in interfaces is only this selected : auto br0 iface >>>>>>>>> br0 inet static address 192.168.1.254 netmask 255.255.255.0 >>>>>>>>> broadcast 10.0.0.255 bridge_ports eth0 eth1 >>>>>>>>> >>>>>>>> >>>>>>>> Your broadcast address is not correct, it should be >>>>>>>> 192.168.1.255 >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> sorry, by copying and adapting from another mail I forgot to >>>>>>> change the broadcast address here .. it's the correct one on my >>>>>>> system : 192.168.1.255 >>>>>>> >>>>>>> >>>>>>> >>>>>> Did you load the bridge.lrp package (in leaf.cfg)? In other >>>>>> words, did you see the bridge activating messages and is the brctl >>>>>> program available? >>>>>> >>>>> >>>>> I did load the bridge.lrp package(just put it in the folder and >>>>> leaf.cfg right?) then I get these messages on startup : >>>>> >>>>> eth 1 entered promiscious mode br0 is entering learning state (both >>>>> ports) ... waiting for br0 to get ready then it says that eth0 and >>>>> eth1 is up 100mB full duplex .. >>>>> >>>>> the brctl also works .. And when giving the show command it gives >>>>> the bridge name, bridge id, spanning tree protocol is not enabled, >>>>> but no need for that in my topology and it also gives the two >>>>> interfaces eth0 en eth1 .. >>>>> >>>>> ok, something new I found out .. From the bridge I can ping to both >>>>> pc's connected with it .. But I can still not ping to the bridge >>>>> >>>> >>>> Maybe it's practical to know that when I try to ping the bridge, the >>>> bridge does notice it.. in showmacs br0 the mac addresses of both pc's >>>> appear when I ping of just one of them .. So one way or another .. >>>> It >>>> doesn't recognize its own ip address .. >>>> >>>> again in config interfaces file I have solely this : >>>> >>>> auto br0 iface br0 inet static address 192.168.1.254 netmask >>>> 255.255.255.0 >>>> broadcast 192.168.1.255 bridge_ports eth0 eth1 >>>> >>>> in host ip addresses it stays the same, just the localhost and the >>>> firewall, in networks I only have the localnet like by default .. >>>> >>>> >>>> I hope this information proves useful .. >>>> >>>> >>>> >>>> Tom >>>> >>>> >>>> >>>> >>>>> Grtz, >>>>> >>>>> >>>>> >>>>> Tom >>>>> >>>>> >>>>> >>>>> >>>>>> Eric >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> ---- >>>> Check out the new SourceForge.net Marketplace. >>>> It's the best place to buy or sell services for >>>> just about anything Open Source. >>>> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/mark >>>> etpl ace >>>> --------------------------------------------------------------------- >>>> --- >>>> leaf-user mailing list: leaf-user@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/leaf-user >>>> Support Request -- http://leaf-project.org/ >>>> >>>> >>>> >>> >>> >>> >>> >> >> >> >> ------------------------------------------------------------------------- >> Check out the new SourceForge.net Marketplace. >> It's the best place to buy or sell services for >> just about anything Open Source. >> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketpl >> ace >> ------------------------------------------------------------------------ >> leaf-user mailing list: leaf-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> Support Request -- http://leaf-project.org/ >> >> > > > > ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
