Re: Bridging firewall with iptables

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: mourik jan c heupink <heupink@intech.unu.edu>
To: Pete Davis <peted@springisd.org>
Cc: "netfilter@lists.netfilter.org" <netfilter@lists.netfilter.org>
Subject: Re: Bridging firewall with iptables
Date: 08 Oct 2002 20:29:07 +0200	[thread overview]
Message-ID: <1034101748.2072.3.camel@suse8> (raw)
In-Reply-To: <sda1ab7e.047@hiway.springisd.org>

did you get any responses already...?

i'm not much i a guru myself, but i have gotten this to work, and it
works beautifully here...

maybe i can be of assistance..?

outside to inside doesn't work, you say. the other way does? inside to
outside..?

mj

On Mon, 2002-10-07 at 22:42, Pete Davis wrote:
> I have been trying to get a bridging firewall setup with iptables.  The
> iptables part, by itself, is not an issue.  I can get it done.  My
> question is: has anyone here ever gotten the bridging + iptables
> firewall to work?
> 
> I am using 2.4.19 (I never get anything but 2.4.19 with dmesg or uname
> -a) with bridge-nf-0.0.7-against-2.4.19.diff for the bridging patch.  I
> am following the documentation provided on bridge.sourceforge.org.
> 
> I d/l'ed the 2.4.19.  Patched with bridge patch above.  Made the kernel
> with iptables support (most options as modules), "8021.d Ethernet
> bridging" and "netfilter (firewalling) support" included.  Everything
> compiled and installed without errors.  I added the interfaces to the
> bridge interface per the directions.  Set all ip addresses to 0.0.0.0
> promisc per the directions in the documentation.  The default rules for
> iptables are allow for input, output and forward (forward is the only
> one of importance).
> 
> At this point, I cannot get any devices on the 'outside' of the
> firewall to reach anything 'inside' the firewall.  Since all the rules
> are accept, it should work.  I get the feeling the problem may be with
> the bridging portion.
> 
> Anyone gotten this bridge + firewall to work?
> 
> Thanks,
> Pete

next prev parent reply	other threads:[~2002-10-08 18:29 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-10-07 20:42 Bridging firewall with iptables Pete Davis
2002-10-08 18:29 ` mourik jan c heupink [this message]
  -- strict thread matches above, loose matches on Subject: below --
2003-02-04 11:00 bridging firewall with Iptables Afshin Lamei
2003-02-04 17:16 ` Cedric Blancher

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1034101748.2072.3.camel@suse8 \
    --to=heupink@intech.unu.edu \
    --cc=netfilter@lists.netfilter.org \
    --cc=peted@springisd.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox