step by step:
please just use the command line binary 'ebtables' to submit commands.
else
i can not re-consturct your problem.
submit the following commands and provide the output to the list:
ebtalbes -F (this will flush the tables)
ebtables -A FORWARD -p IPv4 --ip-src 172.16.1.4 -s ! 00:11:22:33:44:55 -j
DROP
etables -L (lists the rules)
if this works, kernel should support etables and the filtering should work
josef
-----Original Message-----
From: Vinay Sharma
To: Josef Brunner
Sent: 8/2/2005 1:43 PM
Subject: RE: [Bridge] bridge firewall problem
hi
when i applied some command and then check the
status of ebtables via service ebtables status it
gives the message ebtbles dead but subsys locked what
its mean?
and when i issue service ebtables save it save its
configuration can u tell me the location of ebtables
configuration files
and hopping that u r not getting angry with my
funny questions
thanks for yr cooperations
vinay
--- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
> hi,
>
> funny, I will be in chennai from tommorrow for two
> weeks.
>
> ok, no problem. just have a look at this website
> that offers some easy
> examples. Using these examples you could block ip as
> well as arp (mac)
> traffic.
>
> http://ebtables.sourceforge.net/examples.html#easy
>
> if you have further questions, just shout.
>
> josef
>
>
> -----Original Message-----
> From: Vinay Sharma
> To: Josef Brunner
> Sent: 8/2/2005 12:59 PM
> Subject: RE: [Bridge] bridge firewall problem
>
> hi josef,
> i am a new to ebtables.
> i am facing some problems they are..
>
> 1 we r a internet service provider. we distribute
> internet in india(Delhi). here cable operators
> distribute internet via cables we provides the net
> connection to thest cable operators and they
> distribute it to the users via cables.
> our network fully on radios(wireless) we
> distribute
> it by point-to-point connection. here one cable
> operator take more then three connections and want
> to
> our subscribe. when i give to him connection via
> radio(point-to-point) when he put my line to his
> local
> distribution switch our radio hangs after 15
> minutes.
> to solve this i setup a linux bridge firewall .
> in
> machine i wrote rules in iptables but iptables didnt
> block other traffic
> i want to give access to only
> 172.16.18.0/255.255.255.0 this series.
> but my firewall passes all the traffic
> whenever i take any ip of any series.
>
> someone give me advice to use ebtables so
> i
> installed fedora core 3 version and installed
> ebtables-2.0.6-7.fc4 and my kernel version is
>
> kernel-2.6.9-1.667 i think that it has the support
> of ebtables.
>
>
> pls give me some examble to block ip series or mac
> address in bridge via using ebtables or iptables
>
>
>
> thaks and ragard
> vinay
>
>
> --- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
>
> > hi,
> >
> > what error occurs ? does your kernel support
> > ebtables ? Do you have a
> > userland problem ? Pls. deliver some more details
> > regarding your problem.
> >
> > josef
> >
> > -----Original Message-----
> > From: Vinay Sharma
> > To: bridge@lists.osdl.org
> > Sent: 8/2/2005 12:38 PM
> > Subject: [Bridge] bridge firewall problem
> >
> > hello
> > i am a new user for this group. i am
> > working at a ISP. here i want to made a bridge
> > firewall i am using fedora core 3. i want to block
> a
> > serirs of ip address 192.16.18.0/255.255.255.0 and
> > want to give the accesss only
> > 172.16.18.0/255.255.255.0. but iptables not be
> able
> > to block ip;s its passes all the ip series. i made
> > my
> > machine as bridge. i think my bridge passes all
> the
> > traffic i want to block unathorized traffic by
> > 192.16.18.0/255.255.255.0. someone advise me for
> > using
> > ebtables for that and i installed that but i am
> not
> > able to use ebtables.
> >
> >
> > pls advised me
> >
> > Vinay sharma
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam
> > protection around
> > http://mail.yahoo.com
> > _______________________________________________
> > Bridge mailing list
> > Bridge@lists.osdl.org
> > https://lists.osdl.org/mailman/listinfo/bridge
> >
> >
>
________________________________________________________________________> _______
> > Disclaimer
> >
> > This message may contain confidential information
> > solely for its
> > intended recipients and others may not distribute,
> > copy or use it. If
> > you have received this communication in error
> please
> > tell us either by
> > return e-mail or at the numbers above and delete
> it,
> > and any copies of
> > it.
> >
> >
>
>
> Vinay sharma
>
>
>
>
> ____________________________________________________
> Start your day with Yahoo! - make it your home page
> http://www.yahoo.com/r/hs
>
>
Vinay sharma
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
hi,
what error occurs ? does your kernel support ebtables ? Do you have a
userland problem ? Pls. deliver some more details regarding your problem.
josef
-----Original Message-----
From: Vinay Sharma
To: bridge@lists.osdl.org
Sent: 8/2/2005 12:38 PM
Subject: [Bridge] bridge firewall problem
hello
i am a new user for this group. i am
working at a ISP. here i want to made a bridge
firewall i am using fedora core 3. i want to block a
serirs of ip address 192.16.18.0/255.255.255.0 and
want to give the accesss only
172.16.18.0/255.255.255.0. but iptables not be able
to block ip;s its passes all the ip series. i made my
machine as bridge. i think my bridge passes all the
traffic i want to block unathorized traffic by
192.16.18.0/255.255.255.0. someone advise me for using
ebtables for that and i installed that but i am not
able to use ebtables.
pls advised me
Vinay sharma
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Bridge mailing list
Bridge@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge
_______________________________________________________________________________
Disclaimer
This message may contain confidential information solely for its
intended recipients and others may not distribute, copy or use it. If
you have received this communication in error please tell us either by
return e-mail or at the numbers above and delete it, and any copies of
it.
you are welcome !
josef
-----Original Message-----
From: Vinay Sharma
To: Josef Brunner
Sent: 8/2/2005 2:35 PM
Subject: RE: [Bridge] bridge firewall problem
Hi
Thanks for your help. your commands really
working, after issuing ebtables -F it applied all
rules.
thanks
vinay
--- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
> step by step:
>
> please just use the command line binary 'ebtables'
> to submit commands. else
> i can not re-consturct your problem.
>
> submit the following commands and provide the output
> to the list:
>
> ebtalbes -F (this will flush the tables)
> ebtables -A FORWARD -p IPv4 --ip-src 172.16.1.4 -s !
> 00:11:22:33:44:55 -j
> DROP
> etables -L (lists the rules)
>
> if this works, kernel should support etables and the
> filtering should work
>
> josef
>
> -----Original Message-----
> From: Vinay Sharma
> To: Josef Brunner
> Sent: 8/2/2005 1:43 PM
> Subject: RE: [Bridge] bridge firewall problem
>
>
> hi
> when i applied some command and then check the
> status of ebtables via service ebtables status it
> gives the message ebtbles dead but subsys locked
> what
> its mean?
> and when i issue service ebtables save it save
> its
> configuration can u tell me the location of ebtables
> configuration files
> and hopping that u r not getting angry with my
> funny questions
>
> thanks for yr cooperations
> vinay
>
>
>
> --- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
>
> > hi,
> >
> > funny, I will be in chennai from tommorrow for two
> > weeks.
> >
> > ok, no problem. just have a look at this website
> > that offers some easy
> > examples. Using these examples you could block ip
> as
> > well as arp (mac)
> > traffic.
> >
> > http://ebtables.sourceforge.net/examples.html#easy
> >
> > if you have further questions, just shout.
> >
> > josef
> >
> >
> > -----Original Message-----
> > From: Vinay Sharma
> > To: Josef Brunner
> > Sent: 8/2/2005 12:59 PM
> > Subject: RE: [Bridge] bridge firewall problem
> >
> > hi josef,
> > i am a new to ebtables.
> > i am facing some problems they are..
> >
> > 1 we r a internet service provider. we
> distribute
> > internet in india(Delhi). here cable operators
> > distribute internet via cables we provides the net
> > connection to thest cable operators and they
> > distribute it to the users via cables.
> > our network fully on radios(wireless) we
> > distribute
> > it by point-to-point connection. here one cable
> > operator take more then three connections and want
> > to
> > our subscribe. when i give to him connection via
> > radio(point-to-point) when he put my line to his
> > local
> > distribution switch our radio hangs after 15
> > minutes.
> > to solve this i setup a linux bridge firewall
> .
> > in
> > machine i wrote rules in iptables but iptables
> didnt
> > block other traffic
> > i want to give access to only
> > 172.16.18.0/255.255.255.0 this series.
> > but my firewall passes all the traffic
> > whenever i take any ip of any series.
> >
> > someone give me advice to use ebtables
> so
> > i
> > installed fedora core 3 version and installed
> > ebtables-2.0.6-7.fc4 and my kernel version is
> >
> > kernel-2.6.9-1.667 i think that it has the
> support
> > of ebtables.
> >
> >
> > pls give me some examble to block ip series or
> mac
> > address in bridge via using ebtables or iptables
> >
> >
> >
> > thaks and ragard
> > vinay
> >
> >
> > --- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
> >
> > > hi,
> > >
> > > what error occurs ? does your kernel support
> > > ebtables ? Do you have a
> > > userland problem ? Pls. deliver some more
> details
> > > regarding your problem.
> > >
> > > josef
> > >
> > > -----Original Message-----
> > > From: Vinay Sharma
> > > To: bridge@lists.osdl.org
> > > Sent: 8/2/2005 12:38 PM
> > > Subject: [Bridge] bridge firewall problem
> > >
> > > hello
> > > i am a new user for this group. i am
> > > working at a ISP. here i want to made a bridge
> > > firewall i am using fedora core 3. i want to
> block
> > a
> > > serirs of ip address 192.16.18.0/255.255.255.0
> and
> > > want to give the accesss only
> > > 172.16.18.0/255.255.255.0. but iptables not be
> > able
> > > to block ip;s its passes all the ip series. i
> made
> > > my
> > > machine as bridge. i think my bridge passes all
> > the
> > > traffic i want to block unathorized traffic by
> > > 192.16.18.0/255.255.255.0. someone advise me for
> > > using
> > > ebtables for that and i installed that but i am
> > not
> > > able to use ebtables.
> > >
> > >
> > > pls advised me
> > >
> > > Vinay sharma
> > >
> > >
> > >
> __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam? Yahoo! Mail has the best spam
> > > protection around
> > > http://mail.yahoo.com
> > > _______________________________________________
> > > Bridge mailing list
> > > Bridge@lists.osdl.org
> > > https://lists.osdl.org/mailman/listinfo/bridge
> > >
> > >
> >
>
________________________________________________________________________> > _______
> > > Disclaimer
> > >
> > > This message may contain confidential
> information
> > > solely for its
> > > intended recipients and others may not
> distribute,
> > > copy or use it. If
> > > you have received this communication in error
> > please
> > > tell us either by
> > > return e-mail or at the numbers above and delete
> > it,
> > > and any copies of
> > > it.
>
=== message truncated ==
Vinay sharma
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
hi,
funny, I will be in chennai from tommorrow for two weeks.
ok, no problem. just have a look at this website that offers some easy
examples. Using these examples you could block ip as well as arp (mac)
traffic.
http://ebtables.sourceforge.net/examples.html#easy
if you have further questions, just shout.
josef
-----Original Message-----
From: Vinay Sharma
To: Josef Brunner
Sent: 8/2/2005 12:59 PM
Subject: RE: [Bridge] bridge firewall problem
hi josef,
i am a new to ebtables.
i am facing some problems they are..
1 we r a internet service provider. we distribute
internet in india(Delhi). here cable operators
distribute internet via cables we provides the net
connection to thest cable operators and they
distribute it to the users via cables.
our network fully on radios(wireless) we distribute
it by point-to-point connection. here one cable
operator take more then three connections and want to
our subscribe. when i give to him connection via
radio(point-to-point) when he put my line to his local
distribution switch our radio hangs after 15 minutes.
to solve this i setup a linux bridge firewall . in
machine i wrote rules in iptables but iptables didnt
block other traffic
i want to give access to only
172.16.18.0/255.255.255.0 this series.
but my firewall passes all the traffic
whenever i take any ip of any series.
someone give me advice to use ebtables so i
installed fedora core 3 version and installed
ebtables-2.0.6-7.fc4 and my kernel version is
kernel-2.6.9-1.667 i think that it has the support
of ebtables.
pls give me some examble to block ip series or mac
address in bridge via using ebtables or iptables
thaks and ragard
vinay
--- Josef Brunner <Josef.Brunner@Azlan.com> wrote:
> hi,
>
> what error occurs ? does your kernel support
> ebtables ? Do you have a
> userland problem ? Pls. deliver some more details
> regarding your problem.
>
> josef
>
> -----Original Message-----
> From: Vinay Sharma
> To: bridge@lists.osdl.org
> Sent: 8/2/2005 12:38 PM
> Subject: [Bridge] bridge firewall problem
>
> hello
> i am a new user for this group. i am
> working at a ISP. here i want to made a bridge
> firewall i am using fedora core 3. i want to block a
> serirs of ip address 192.16.18.0/255.255.255.0 and
> want to give the accesss only
> 172.16.18.0/255.255.255.0. but iptables not be able
> to block ip;s its passes all the ip series. i made
> my
> machine as bridge. i think my bridge passes all the
> traffic i want to block unathorized traffic by
> 192.16.18.0/255.255.255.0. someone advise me for
> using
> ebtables for that and i installed that but i am not
> able to use ebtables.
>
>
> pls advised me
>
> Vinay sharma
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam
> protection around
> http://mail.yahoo.com
> _______________________________________________
> Bridge mailing list
> Bridge@lists.osdl.org
> https://lists.osdl.org/mailman/listinfo/bridge
>
>
________________________________________________________________________
_______> Disclaimer
>
> This message may contain confidential information
> solely for its
> intended recipients and others may not distribute,
> copy or use it. If
> you have received this communication in error please
> tell us either by
> return e-mail or at the numbers above and delete it,
> and any copies of
> it.
>
>
Vinay sharma
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
hello
i am a new user for this group. i am
working at a ISP. here i want to made a bridge
firewall i am using fedora core 3. i want to block a
serirs of ip address 192.16.18.0/255.255.255.0 and
want to give the accesss only
172.16.18.0/255.255.255.0. but iptables not be able
to block ip;s its passes all the ip series. i made my
machine as bridge. i think my bridge passes all the
traffic i want to block unathorized traffic by
192.16.18.0/255.255.255.0. someone advise me for using
ebtables for that and i installed that but i am not
able to use ebtables.
pls advised me
Vinay sharma
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com