[Bridge] Bridge Problem with RedHat and iptables

[Bridge] Bridge Problem with RedHat and iptables

[TEJAS VORA]

Hello,

I am running into a strange problem here. I wrote you a mail earlier
also regarding this.

1. I am trying to run the bridge mode over Redhat 7.3 (kernel 2.4.18).
I tried the latest version of brdige mode utility and also I tried
version 0.94 as well. But whenever I run the brdige mode on this
kernel - the kernel goes panic saying "aiee - killing interrupt
handler". Now I am in a crutial situation here. We are building a
product based on kernel version 2.4.18 and running on Redhat 7.3 - and
we have to setup bridge mode on the machine. But due to this problem
we are not able to do that. So please help me what is the problem here
and what could be the solution?

2. Now the second problem is regarding iptables. As brdige was not
working on redhat 7.3 due to kernel panicing - I tried it temporarily
in redhat 9.0 (jkernel 2.4.20-8) - where it is working fine. I setup a
FTP transparent proxy on the machine. The configuration is - our
machine (with brdige mode and transparent proxy) seats between client
and server. And it forwards or the traffice to and fro and for FTP
traffic we want to have transparent proxy in between. The
configuration is as shiown below.

Bridge Machine (br0) IP : 192.168.11.201
(need to be used as Transparent proxy)
       +---------------------------------------------+
       |                       |
       |                       |
       |                       |
       |                       |
       |                       |
       |                       |
       +---------------------------------------------+
               |       |
               eth0    eth1
               |       |
               |       |
               |       | FTP Content Server (192.168.11.60) and Internet
               |       +------------------------>
               |
               |
               |
               | TO INTRANET 
               +-------------------------------->

Now the thing is on bridge machine I am running FTP transparent proxy
(jftpgw) and I have setup iptables rule as follow.

iptables -t nat -A PREROUTING -p tcp -d 0/0 -s 0/0 --dport 21 -J DNAT
--to 192.168.11.201:2370

But the strange thing is before the packet is redirected to port 2370
(to Transparent PROXY) - brdige forwards it to the other machine and
the packet does not reach port 2370 on the same machine. So what could
be the problem here and what could be the solution for that?

I am in a urgent help. Please help  me and let me know the solution
ofr these problems.

Thanks you,
Tejas Vora

[Bridge] Re: Bridge Problem with RedHat and iptables

[Stephen Hemminger]

Since this a question about the bridge filtering, you probably
want to ask: 	Bart De Schuymer <bart.de.schuymer@pandora.be>
and/or the ebtables mailing lists.

	ebtables-user@lists.sourceforge.net
	ebtables-devel@lists.sourceforge.net

Re: [Bridge] Bridge Problem with RedHat and iptables

[Bart De Schuymer]

On Wednesday 10 November 2004 19:48, TEJAS VORA wrote:

Please use kernel 2.4.27 with this patch applied:
http://prdownloads.sourceforge.net/ebtables/ebtables-brnf-7_vs_2.4.27.diff.gz?download

I can't answer your first question, but the second question is easy to answer: 
you didn't apply the ebtables-brnf patch, and therefore iptables doesn't see 
bridged traffic.