Displaying 20 results from an estimated 10000 matches similar to: "transparent bridge"
2006 Jul 21
5
linux transparent bridge running squid
Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge?
Internet – router - (bridge eth0 – eth1) – local lan
auto lo
iface lo
2006 Dec 28
4
filter policy drop and allow transparent proxy
Trying to use the policy drop rule with the bridged firewall, when I
removed the first line the transparent proxy works great? It seems a
bit strange as from reading several articles on it I thought the
following occurs.
1st line - if it doest match it gets dropped on the local filter input.
2nd line - redirects the traffic off the link layer into the network
layer ready for line 3.
3rd line -
2005 Oct 13
4
brouting on interfaces without IP address
Hi,
[sorry for the crosspost, I don''t know whether this is a routing or
ebtables problem]
I want to redirect all HTTP traffic passing through my bridge to a squid
proxy on another machine. However, setting up brouting as suggested in
the ebtables examples doesn''t work and the packets get dropped on the
floor completely.
/\/\/\/\/\/\/\/\ +----------------------+
2007 May 23
1
Squid in bridging mode
Still learning Xen, and would like to know if it''s possible to run Squid in
D0 when running in bridging mode. I have iptables and ebtables going, and
am able to log packets with those, but can''t seem to get any traffic out of
the bridge into Squid in D0 (or through iptables in D0, for that matter).
Information I''ve gathered so far is that I need
2008 Jan 06
0
[Bridge] Bridge with IP address -> unable to connect to bridge
Hi,
I tried sending this earlier, but it didn't come through.
Apologies if this appers twice on the list.
I'm running bridging using the brouter setup described on
this page:
http://ebtables.sourceforge.net/examples.html
"Making a brouter".
The setup described there is like this:
ifconfig br0 0.0.0.0
ifconfig eth0 172.16.1.1 netmask 255.255.255.0
ifconfig eth1 172.16.2.1
2007 Apr 18
1
[Bridge] bridge and transparent squid proxy
Hi all,
This is my first post to this list. I hope someone can help me, I have
been getting grey hairs trying to make this work!
I have a bridge setup on a debian sarge box. The bridge is called br0
and sits between my cable modem and a non-name brand router/switch:
[cable modem]----[eth1]---[br0]----[eth2]-----[no-name brand router]
I have squid setup on the linux box and it works, I have
2007 Apr 18
1
[Bridge] Strange, my transparent squid stoped working
Are you saying that REDIRECT hasn't been or that it has suddenly stopped
working?
My guess would be that it hasn't been working. Here's why:
The REDIRECT target is in the NAT table because it is designed to redirect
the port of packets destined for the interface they arrived on.
If I understand right your situation is like this:
(Users) -----> (eth2) <Bridge (192.168.0.3)>
2005 May 10
1
Help with PRIO qdisc and filters
Hi,
Sorry to bother you all. I have a typical problem sharing DSL upstream
bandwidth with users. I have 3 types of traffic high-priority,
medium-priority and low priority. My upstream rate is 960kbits. Traffic (any
priority) can vary in bandwidth from 0 to 960kbits. I have a test setup
where I can pump 600kbit of high priority sustained and I have 400kbit of
low priority traffic sustained. I
2007 Apr 18
0
[Bridge] ARP spoofing.
Hello all.
I know this does not directly relay to Ethernet bridging but I need some
advise... anyone want to give me some info/help on the subject.
In the interest of multipath routing I need to know if it is possible to
do a one-way arp spoof. Lets start with the machines layout...
br1------ADSL
br2------cisco router-----serial line.
br0-----Internal network.
I already have
2008 Sep 24
1
[Bridge] bridge is not forwarding the packet
Hi Rahul,
If you're certain that your problem isn't as Stephen suggested, you
might want to have a look at this:
---
(From http://ebtables.sourceforge.net/brnf-faq.html
<http://ebtables.sourceforge.net/brnf-faq.html> )
How do I let vlan-tagged traffic go through a vlan bridge port and the
other traffic through a non-vlan bridge port?
Suppose eth0 and eth0.15 are ports of br0.
2019 Jan 08
0
[Bug 1316] New: ebtables-nft support for broute
https://bugzilla.netfilter.org/show_bug.cgi?id=1316
Bug ID: 1316
Summary: ebtables-nft support for broute
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: iptables over nftable
Assignee: pablo at
2005 May 20
1
Iptables - PREROUTING
I have a server whit 2 interfaces of network, where eth0 is the interfaces
connetc to internet and eth1 to the internal network. This server hace a
Squid only, but i setting the iptables for protection to the server.
Iptables run from script and in this script i setting the redirection for
the other server in my internal network to port 80 and 443. I follow the
diferent how to and many manual, but
2006 Feb 22
0
memory leaks resolved?
I think I may have fixed my memory leaks, and it may be that it was
nothing to do with xen... the machine has been up for 10 days now which
is the longest it has lasted in quite a while.
I changed the way the bridges and vlans worked together, previously I
had it configured thus:
trunk = renamed Ethernet interface
br0 = bridge of trunk and any domU I wanted on vlan1
br0.2 = vlan 2 on trunk
br1 =
2012 Jan 21
1
squid transparent proxy problem
Greetings,
I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is
working fine with the default config.
After I decided to use it as a transparent proxy, I added two lines to
config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all
http_port 10.0.5.1:3128 transparent
#
# Recommended minimum configuration:
#
acl manager proto cache_object
#acl localhost src
2007 Jun 12
1
How to setup both Transpaent Proxy and firewall on the same Machine.
Hi ALL,
I want to setup Transpaent Proxy on the box running iptables Firewall.
With iptables, I have given below rules.
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t nat
iptables -F -t mangle
#Enabling ip forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
#enable syn cookies (prevent against the common 'syn flood attack')
echo "1"
2003 Dec 03
0
transparent proxy running in the local network
got it running, really easy !!!
I am running shorewall 1.2.12 on a debian stable !
and have a squid as transparent proxy on another machine (debian
testing)
tried to get this work the hole day:
I found this iptables:
------
iptables -t nat -A PREROUTING -i eth0 -s ! $squid_box -p tcp
--dport 80 -j DNAT --to $squid_box:3128
iptables -t nat -A POSTROUTING -o eth0
2020 May 09
4
Transparent Squid and FirewallD : fine-tuning question
Hi,
I just setup a very basic HTTP proxy with Squid on a router running CentOS 7.
Up until early 2020 I've been using a bone-headed shell script with iptables to
configure my firewall. But I decided to follow advice from a few gurus on this
list, and I've since moved my configurations to FirewallD, which works nicely.
There's one configuration left to tackle, that's port
2005 Dec 02
3
Trouble redirecting traffic on transparent bridge.
I have posted this question to the netfilter mailing list along with #ebtables, #iptables, and #netfilter. Nobody has really responded, so I''m led to believe
that it is either incredibly complicated or *really* simple. Please, somebody throw me a bone here! Ok, on with the show...
I have a bridge (br0) with two interfaces (eth1 and eth2). Neither br0, eth1, or eth2 have an
2007 Apr 18
0
[Bridge] bridge + squid
Hi Srs
I have a linux like a bridge
LAN - BRIGE -ROUTER
The bridge has a ip ( non public IP)
The bridge is working fine but y need to set up the Squid on the same machine where is installed the BRIDGE.
I was looking for the answers and say:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
and put this rules with iptables
2004 Jan 27
1
Filter not listed for firewall filter - and not running!
Hello all,
I am having some trouble getting a firewall filter to work with TC. I am
actually setting the mark via EBTables (which is working as far as I can
tell, I am also logging the packet and my syslog reports lots of marks):
ebtables -t broute -A BROUTING -p ipv4 -i eth1 -s 08:00:46:60:B3:57 -j mark
--set-mark 7 --mark-target CONTINUE --log --log-level debug --log-prefix
"EBFW Mark