similar to: linux transparent bridge running squid

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

Hi wondering if anyone can help. I have two NICs on a debian sarge based system and current running as a bridge (br0) which consists of eth0 and eth1. Is it possible to add a virtual interface to the eth1 so I can also do NAT on the box as well? I have tried many times and keep coming up with errors. Kind Regards William Bohannan

Hi all, This is my first post to this list. I hope someone can help me, I have been getting grey hairs trying to make this work! I have a bridge setup on a debian sarge box. The bridge is called br0 and sits between my cable modem and a non-name brand router/switch: [cable modem]----[eth1]---[br0]----[eth2]-----[no-name brand router] I have squid setup on the linux box and it works, I have

<I apologize if this arrives twice... I sent it first from an non-subscribed address, don't know if that'll get to the list or not --JJ> Hi folks, I have an implementation question regarding bridging on a linux box between a catalyst trunk port and a cisco 26something w/802.1q subinterfaces. So right now, there's no vlan trunking going on on the link my bridging firewall sits

Hello list, I've posted here about this before, but I realise that it may have been assumed that the bridged vlans simply put a switch port in a blocking state and left my question ignored. So to recap. I have two tg3 interfaces named 'in' and 'out' and a bridge named 'br0' My vlan trunk is on the 'in' side of the network, and set as in.2, in.3 ... The

Not normally a question for this group, but you guys are very bridge/router/firewall savvy, so I thought I''d toss it here. I have a bridge. On one side of the bridge is that fancy thing called the Internet. On the other side is my LAN. The bridge is the obvious demarcation line and a good place to put a firewall. Now, I have all my iptables stuff planned out, EXCEPT for nat. The

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=339 ------- Additional Comments From scrizt@ludd.ltu.se 2006-06-26 17:57 MET ------- Is this bug forgotten ? Anyhow, I ran into it when setting up this strange network of mine.. I dont think my setup is causing anything strange however.. It appears even if no machine is connected to the "inner" port of the bridge.. I

Here are some notes I have about Linux bridging. I''ll try to separate what I know I know from what I think I know. Let''s say I want to bridge eth0, eth1, and eth2 together, all with an IP Address of, say, 1.2.3.2. This is how to do it: echo "Setting up br0 to bridge eth0 with eth1 and eth2" /usr/sbin/brctl addbr br0 /usr/sbin/brctl addif br0 eth0

Hi All, I''m trying to do some traffic shaping on an ethernet bridge. Currently, I have the following setup working: ifconfig eth0 down brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 off ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 up This creates a bridge consisting of eth0 and eth1. So far so good. I now want to use tc to shape traffic

Currently using physdev on a bridge to try and isolate certain paths across and to the bridge. It all works except when trying to stop the flow in one direction on the FORWARD chain?? Can someone please help?? Below is the testing done so far. eth1 <---> BRIDGE <---> eth0 # Block (eth0 ---> eth1) - blocks both directions and not just one?? iptables -A FORWARD -m physdev

Hi all, I''m having a hell of a time getting my IFB to work. I know I''ve done this before, so I''m missing something stupid. Can anybody tell me what it might be? Configs as follows: -------- #!/bin/sh modprobe ifb numifbs=1000 modprobe act_mirred modprobe 8021q brctl addbr br0 brctl setfd br0 0 brctl stp br0 off brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1

I thought that the below email would be of interest to LARTC readers. I wasted quite a bit of time tracking down this "feature" (bug?). Any comments that shed light on this would be appreciated. In short, "tc filter" + htb + bridging works only with ip_forward off. Andrew Athan ----------------------------------------------------------------------- All: It seems that

re can somebody tell me what am I doing wrong (at this late night hour), because vlan are not getting bridged at all. ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 ifconfig br0 up vconfig add br0 X vconfig add br0 Y X = vlan-ID (example: 222) Y = vlan ID (example: 223) # brctl show bridge name bridge

Hi, I had successfully setup my bridge (br0) but after few minutes the br0 interface seems not working. ifconfig eth0 0.0.0.0 ifconfig eth5 0.0.0.0 brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth5 brctl stp br0 on I check on my system's /var/log/syslog file. It shows something strange messages as below: - Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)

Hello, I how an embedded processor that needs to act as a bridge between a wireless and wired network. I have managed to bring up the bridge fine. I can also bring up the bridge with a static ip address. However I can not figure out how to bring up the bridge with a dynamic ip address. Is it possible to for a bridge to get a dynamically assigned ip address? Oliver

I have problem with IP public, my Network configuration [wireless] <------> [Router] <------ > [ Linux proxy ] < ------ > [Client ] IP configuration [202.123.123.1] <------->[202.123.123.2 and 192.168.0.1] < ------ > [192.168.0.2 and 202.123.123.3] < ------ > [202.123.123.4] this configuration will use IP 202.123.123.2 on internet how to config my network

Santiago, I appreciate your offer. I'm not really a kernel hacker, however I do know C and I would be willing to try if you point me in the right direction. Here is my first attempt using Debian running on an UltraSPARC: debian{root}:/root<512>strace -f -F -v brctl addbr br0 execve("/usr/sbin/brctl", ["brctl", "addbr", "br0"], [/* 16 vars */]) =

[This email is either empty or too large to be displayed at this time]

Maybe my google-fu is failing me, but I have spent the past couple hours looking at how to add a vnet? Device to my KVM host running CentOS 6, and for the life of me I can't get this going. >From all my research if I want to add a device I should just do 'brctl addif br1 vnet14' if I want to add a vnet14 to bridge br1. When I do this, I get: # brctl addif br0 vnet14

Hi there, I'm currently experiencing a minor problem using the bridge module under kernel 2.4.27 part of the Devil Linux distribution (http://www.devil-linux.org). The problem I am having is that when the bridge is unloaded during a reboot I receive the following errors in /var/log/messages: Nov 14 13:22:13 src@Devil kernel: unregister_netdevice: waiting for br0 to become free. Usage count =