* [LARTC] Disable netfilter for bridged traffic
@ 2006-12-20 5:53 senthil
2007-01-06 18:30 ` Radu Oprisan
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: senthil @ 2006-12-20 5:53 UTC (permalink / raw)
To: lartc
Hi All,
Can anybody suggests how can I disable netfilter for bridged traffic in
linux-2.4.27 kernel ?
Thanks and Regards,
Senthil
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [LARTC] Disable netfilter for bridged traffic
2006-12-20 5:53 [LARTC] Disable netfilter for bridged traffic senthil
@ 2007-01-06 18:30 ` Radu Oprisan
2007-01-09 13:43 ` Luciano Ruete
2007-01-31 23:22 ` Radu Oprisan
2 siblings, 0 replies; 4+ messages in thread
From: Radu Oprisan @ 2007-01-06 18:30 UTC (permalink / raw)
To: lartc
senthil wrote:
> Hi All,
> Can anybody suggests how can I disable netfilter for bridged traffic in
> linux-2.4.27 kernel ?
If i understand the question, then you just need to ignore the
interfaces for the bridge.
iptables -I FORWARD -i eth_bridge_1 -j RETURN
iptables -I FORWARD -i eth_bridge_2 -j RETURN
iptables -I FORWARD -i bridge -j RETURN
same for input and output if you don't need a firewall for the ip
address assigned on the bridge interface or you don't have an ip address
assigned.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Disable netfilter for bridged traffic
2006-12-20 5:53 [LARTC] Disable netfilter for bridged traffic senthil
2007-01-06 18:30 ` Radu Oprisan
@ 2007-01-09 13:43 ` Luciano Ruete
2007-01-31 23:22 ` Radu Oprisan
2 siblings, 0 replies; 4+ messages in thread
From: Luciano Ruete @ 2007-01-09 13:43 UTC (permalink / raw)
To: lartc
On Saturday 06 January 2007 15:30, Radu Oprisan wrote:
> senthil wrote:
> > Hi All,
> > Can anybody suggests how can I disable netfilter for bridged traffic in
> > linux-2.4.27 kernel ?
>
> If i understand the question, then you just need to ignore the
> interfaces for the bridge.
this is not necesary cause bridged traffic is "layer 2" traffic, and there is
not a chance that netfiter(layer 3) saw it.
There is ebtables and iptables "physdev" in 2.6, to filter bridged traffic.
--
Luciano
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Disable netfilter for bridged traffic
2006-12-20 5:53 [LARTC] Disable netfilter for bridged traffic senthil
2007-01-06 18:30 ` Radu Oprisan
2007-01-09 13:43 ` Luciano Ruete
@ 2007-01-31 23:22 ` Radu Oprisan
2 siblings, 0 replies; 4+ messages in thread
From: Radu Oprisan @ 2007-01-31 23:22 UTC (permalink / raw)
To: lartc
Luciano Ruete wrote:
> On Saturday 06 January 2007 15:30, Radu Oprisan wrote:
>> senthil wrote:
>>> Hi All,
>>> Can anybody suggests how can I disable netfilter for bridged traffic in
>>> linux-2.4.27 kernel ?
>> If i understand the question, then you just need to ignore the
>> interfaces for the bridge.
>
> this is not necesary cause bridged traffic is "layer 2" traffic, and there is
> not a chance that netfiter(layer 3) saw it.
>
> There is ebtables and iptables "physdev" in 2.6, to filter bridged traffic.
I'm sorry. I missed the part about 2.4.27 in the first message.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2007-01-31 23:22 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-12-20 5:53 [LARTC] Disable netfilter for bridged traffic senthil
2007-01-06 18:30 ` Radu Oprisan
2007-01-09 13:43 ` Luciano Ruete
2007-01-31 23:22 ` Radu Oprisan
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.