similar to: IP Tables on a bridge

Here are some notes I have about Linux bridging. I''ll try to separate what I know I know from what I think I know. Let''s say I want to bridge eth0, eth1, and eth2 together, all with an IP Address of, say, 1.2.3.2. This is how to do it: echo "Setting up br0 to bridge eth0 with eth1 and eth2" /usr/sbin/brctl addbr br0 /usr/sbin/brctl addif br0 eth0

> I'm pretty sure that is incorrect. The inside_net is the ip address of > the asterisk server, and the inside_mask is the subnet mask. At least > that is how I have mine setup in my sip.conf, and it works. > > inside_mask for the internal mask would make more sense to me as well :) > > -- > Leif Madsen <leif@hacklocalhost.com> > http://www.hacklocalhost.com

I know this is not a normal request, but I would like to connect two vlans into the same box that have the same subnet on them, and then NAT them out to the Internet. We don''t need to make any connections inbound to them, but only provide outbound access. Any suggestions on how to do this? If I can''t do it with routing then I could use something like user-mode Linux, or other

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

I''ve set up Traffic Shaping on a Linux Router. Using HTB with SFQ, i''m trying to slow down heavy downloading for 20 subscribers over a 2048 kbit downlink. I''m classifying internet related traffic using iptables marking. bri0 is my local lan bridge, receiving egress traffic destined for subscribers. tc qdisc add dev bri0 root handle 1: htb default 2 tc class add dev

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the hosts file. In addition, it contains the first release of a new Bridge/firewall implementation that uses the reduced-function physdev match found in kernel 3.6.20 and 3.6.21. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \

I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the hosts file. In addition, it contains the first release of a new Bridge/firewall implementation that uses the reduced-function physdev match found in kernel 3.6.20 and 3.6.21. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \

Hello! Since i could not find any information on the internet about this subject, i'm going to try my luck on this list. I'm trying to setup network-filter on a routed setup. I have a root-server at Hetzner, a german hosting provider. Along with my server i ordered a (/28) subnet to be able to setup dedicated IPs for my virtual machines (KVM). My Server is running Ubuntu 12.04 with

Package: xen-utils-common Version: 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 Severity: important Tags: patch security -- System Information: Debian Release: 9.4 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),

Hi guys, i have a problem with a configuration what i''m trying to do. I have two computers with linux, A and B, connected in the same network with this configuration: PC1 A: 192.168.192.1 PC2 B: 192.168.192.30 The PC1 A is a firewall doing nat... this one is connected to the internet via an adsl modem and of course it have its own public ip , and the router B is a smtp server but

ei tuka imam edin pf conf obache pravi mnogo nomera, kato se pusne parvoto koeto e dropva paketi, timeoutva po serverite i t.n.. i speed-a e mnogo baven, vijte ako nqkoi moje da otkrie generalna greshka da reply :) vapreki che ne e freebsd-specific :P ne sym go pisal az a i ne sam mnogo mnogo zapoznat s pf zatova ako nqkoi moje da pomogne e dobre doshyl :) btw moje i neshto ot tia opcii kato set

I have 2610 XM with 1 Fastethernet and VIC2-2BRI. Dialin and dialout over pots is ok. Also inbound pots calls get redirected to Asterisk y.y.y.y So far so good. But I want to setup VOIP sessions with local carrier. I added dial-peer 40 for this. Session target x.x.x.x But calls will always get routed to the pstn peers 50 and 60. Peer x.x.x.x is never contacted or tried. My situation: PSTN

Hi !! I marking packets in a bridge: Mark outbound www packets from clients: /usr/local/sbin/iptables -A PREROUTING -t mangle -m physdev --physdev-in eth1 -p tcp --dport 80 -j MARK --set-mark 2 How I can know if this packets are marked ? roberto -- Ing. Roberto Pereyra ContenidosOnline Looking for Linux Virtual Private Servers ? Click here:

Hi all !! I would to like to mark and route some kind of traffic (ie: outbound www, now by simplicity) ---inet1--------eth0------------| | | linux | --eth1------- clientes ---inet2(90.0.0.1)--------eth2-| | I have eth0 and eth1 bridged (eth2 is not bridged). I would to route www outbound clients

Hi all !! I would to like to mark and route some kind of traffic (ie: outbound www, now by simplicity) ---inet1--------eth0------------| | | linux | --eth1------- clientes ---inet2(90.0.0.1)--------eth2-| | I have eth0 and eth1 bridged (eth2 is not bridged). I would to route www outbound clients

Hey everyone, I have a question about vif-common.sh. I run multiple bridges attached on dummy interfaces, which allow me to put guests in seperate subnets (routed through the dom0). As you might expect I already have quite extensive iptables scripts to accomidate this kind of routing. I was just hoping someone on this list can confirm, that I understand what the iptables lines in vif-common.sh

Hi, I have a suspicious problem with multiple uplinks configuration. First of all my configuration: 1) kernel 2.6.20.3 2) iptables 1.3.7 3) last iproute (for masked marks) All wan interfaces are bridged (stp disabled) in only one interface (wan0), all lan interfaces are bridged (stp enabled) in only one interface (zlan0). The wan0 bridge is to allow UPnP works. To allow related

Its been a few days, I was wondering if anyone else has any ideas on how to get this to work? If not, could I ask a the direct question as to if anyone here has (or knows someone who has) successfully got something like a Cisco Router to successfully establish an ISDN data/Internet connection through the Asterisk PBX?

Hi! I want to forward the port 3389 from the domU to the virtual server with ip address 192.168.122.77 with not success... I tried a lot of iptables rules with no luck so far. Is this possible? I take a look at other post and I don''t found an answer. By example: /sbin/iptables -t nat -A PREROUTING -p tcp -i xenbr0 --dport 3389 -j DNAT --to 192.168.122.77:3389 the virtual nic for the