[Bridge] Re: Bringing up bridge at boot (properly)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: nick black <dank@suburbanjihad.net>
To: bridge@osdl.org
Subject: [Bridge] Re: Bringing up bridge at boot (properly)
Date: Thu, 1 Jul 2004 08:20:20 +0000 (UTC)	[thread overview]
Message-ID: <slrnce7ia4.ot2.dank@hoist.localnet> (raw)
In-Reply-To: BAY19-F21HzvB6zLEoS000bee2d@hotmail.com

On 2004-06-30, Adam Hewgill <ahewgill@hotmail.com> wrote:
> If you are using a machine as an ethernet bridge how are you
> configuring it (include distro specific stuff) to create and enable the
> bridge during the boot process?

Here's a simple setup borrowed from my home firewall, snipped to show only
the bridge-related setup.  I have a four-port tulip and one half of a dual
eepro100 forming a broadcast medium via a brouter.  relevant init.d/firewall:

BRBIN=brctl
BRIDGE=br0
INTERNAL_NETMASK=24
INTERNAL_IP=192.168.0.1
BR_ADDR="$INTERNAL_IP/$INTERNAL_NETMASK"
for i in `seq 1 5`
BR_IFACES="eth1 eth2 eth3 eth4 eth5"

case "$1" in
  start)
        $BRBIN addbr $BRIDGE
        for i in $BR_IFACES ; do
                $BRBIN addif $BRIDGE $i
                ip l set up dev $i
        done
        ip l set up dev $BRIDGE
        ip a a $BR_ADDR dev $BRIDGE
        ;;
  stop)
        ip a d $BR_ADDR dev $BRIDGE
        ip l set down dev $BRIDGE
        for i in $BR_IFACES ; do
                ip l set down dev $i
                $BRBIN delif $BRIDGE $i
        done
        $BRBIN delbr $BRIDGE
        ;;
esac

with debian, man update-rc.d to get it going.  i try to hit right
after interface naming and before firewall setup.   do remember that
default behavior will allow any ip on the machine to be hit through
the bridge (at least by my experience in 2.[46]), so firewall things
well.

-- 
nick black <dank@reflexsecurity.com>
"np:  nondeterministic polynomial-time
the class of dashed hopes and idle dreams." - the complexity zoo

     prev parent reply	other threads:[~2004-07-01  8:20 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-06-30 17:51 [Bridge] Bringing up bridge at boot (properly) Adam Hewgill
2004-07-01  8:20 ` nick black [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=slrnce7ia4.ot2.dank@hoist.localnet \
    --to=dank@suburbanjihad.net \
    --cc=bridge@osdl.org \
    --cc=dank@reflexsecurity.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.