Re: stealth firewall problem


> ifconfig $INTERIOR_IFACE 0.0.0.0 promisc up -arp
> ifconfig $EXTERIOR_IFACE 0.0.0.0 promisc up -arp
> brctl addif $BRIDGE_IFACE $INTERIOR_IFACE
> brctl addif $BRIDGE_IFACE $EXTERIOR_IFACE
> ifconfig $BRIDGE_IFACE 0.0.0.0 up -arp

       [-]arp Enable or disable the use of the ARP protocol on this interface.

Maybe you should leave the arp bit on, i.e.
  ip l s eth0 up
  ip l s eth1 up
  brctl addif br0 eth0 eth1
  ip l s br0 up
  (by default it will take 15 seconds for the bridge to become alive now)

> /sbin/modprobe ipt_LOG

Not explicitly needed.

> echo "1" > /proc/sys/net/ipv4/ip_forward

This is not needed for brX.

> iptables -A FORWARD -i $EXTERIOR_IFACE -p tcp -m state --state NEW -j LOG --log-prefix "INBOUND TCP: "

That won't work. A bridged packet has -i br0 -o br0. You must match it with 
-m physdev --physdev-in $EXTERIOR --physdev-out $INTERIOR.



Jan Engelhardt
-- 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
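The bridge setup and the physdev-based logging rule from the reply above, as an added example that is not part of the original message. It is a POSIX shell script that prints every command and only executes it when run with DRY_RUN=0 as root; the interface names eth0 (exterior), eth1 (interior) and br0, the `brctl addbr` step, and the `br_netfilter` load (needed on newer kernels for iptables to see bridged frames at all; on the 2.6-era kernels of the thread the bridge-netfilter code is built in and the modprobe is a no-op) are assumptions for illustration. The original poster's `-i $EXTERIOR_IFACE` rule is kept beside the corrected one so the difference is visible in the generated output.

```shell
#!/bin/sh
# Added example: transparent bridging firewall with iptables physdev matching.
# Not from the original thread; interface names and paths below are assumptions.
set -eu

EXTERIOR=${EXTERIOR:-eth0}   # assumed: port facing the untrusted network
INTERIOR=${INTERIOR:-eth1}   # assumed: port facing the protected hosts
BRIDGE=${BRIDGE:-br0}        # assumed bridge name
DRY_RUN=${DRY_RUN:-1}        # 1 = print commands only, 0 = execute them (as root)

# run: print the command line, and evaluate it only when DRY_RUN=0.
run() {
    printf '%s\n' "$1"
    [ "$DRY_RUN" = "1" ] || eval "$1"
}

# bridge_up: bring both ports up with ARP left enabled (no "-arp"), enslave them
# to the bridge and bring the bridge up.  No IP address is assigned, so the
# firewall host itself is not addressable from either side.  ip_forward is not
# touched: bridged frames are switched, not routed, so that sysctl is irrelevant.
bridge_up() {
    run "ip link set $INTERIOR up"
    run "ip link set $EXTERIOR up"
    run "brctl addbr $BRIDGE"                      # assumed: bridge not yet created
    run "brctl addif $BRIDGE $INTERIOR $EXTERIOR"
    run "ip link set $BRIDGE up"                   # STP forwarding delay applies (15 s default)
}

# broken_log_rule: the rule from the original post, kept for comparison.  Every
# bridged packet reaches FORWARD with -i br0 -o br0, so "-i eth0" never matches.
broken_log_rule() {
    printf 'iptables -A FORWARD -i %s -p tcp -m state --state NEW -j LOG --log-prefix "INBOUND TCP: "' \
        "$EXTERIOR"
}

# physdev_log_rule: the same intent expressed correctly for a bridge.  The
# physical ingress and egress ports are selected with the physdev match.
physdev_log_rule() {
    printf 'iptables -A FORWARD -m physdev --physdev-in %s --physdev-out %s -p tcp -m state --state NEW -j LOG --log-prefix "INBOUND TCP: "' \
        "$EXTERIOR" "$INTERIOR"
}

# firewall_up: make sure bridged frames are handed to iptables (newer kernels
# need the br_netfilter module and the bridge-nf-call-iptables sysctl; both
# lines are harmless where the code is built in), then install the LOG rule.
firewall_up() {
    run "modprobe br_netfilter 2>/dev/null || true"
    run "sysctl -w net.bridge.bridge-nf-call-iptables=1 2>/dev/null || true"
    run "$(physdev_log_rule)"
}

# Dry run by default: shows the exact commands that DRY_RUN=0 would execute.
bridge_up
firewall_up
```

Run it once without arguments to review the generated commands, then `DRY_RUN=0 sh bridge-fw.sh` as root to apply them. The script keeps the two rule builders as functions so the output of `broken_log_rule` and `physdev_log_rule` can be compared side by side before anything is loaded into the kernel.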
