HPE Community
Operating System - Linux
1833738 Members
2526 Online
110063 Solutions
New Discussion

Re: using Linux as a bridge and firewall

 
K.C. Chan
Trusted Contributor

‎06-11-2002 07:23 PM

‎06-11-2002 07:23 PM

using Linux as a bridge and firewall

All,
I've tried setting up RH 7.2 as a Bridge and Firewall. I've re-compiled the kernel 2.4.18 to include bridging. Put eth0 and eth1 in promiscius mode and enable bridging via "brcfg -ena"
but it's still not working bec. I am only able to ping one side of the network not the other.

Here's what I want to do, I have eth0=63.x.x.x.133 and eth1 as 63.x.x.x.134. eth0 has a route to the default router and eth1 is connected to a hub/switch (the protected side of the network; this is only a test, as soon as I get this to work with iptables it's going in btw the router and the switch). How do I make eth0 and eth1 pass network traffic to each other so that I can ping all servers on eth0 side and all servers on eth1 side?
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
3 REPLIES 3
U.SivaKumar_2
Honored Contributor

‎06-11-2002 09:49 PM

‎06-11-2002 09:49 PM

Re: using Linux as a bridge and firewall

Hi,
Have configured in such a way that only non-routable protocols to be bridged and IP should
be routed ?.
regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
K.C. Chan
Trusted Contributor

‎06-12-2002 06:09 AM

‎06-12-2002 06:09 AM

Re: using Linux as a bridge and firewall

Yes, I've tried routing but it onl works on 1 interface of the NIC; since both Nic have the same network (63.78.100.0 I can only seem to route out one interface). e.g:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
63.78.100.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1
63.78.100.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
0.0.0.0 63.78.100.1 0.0.0.0 UG 40 0 0 esome_pc_on_eth0_sideth0


For some reason I can ping with "ping -I eth0 some_pc_on_eth0_side", it works and vice versa with "ping -I eth1 some_pc_on_eth0_side". But if I ping with the "-I" option, it doesn't work. I know if I tried to ping (w/o the -I option) the router which in on eth0 side, I can't reach it because both route for 63.78.100.0 points to eth1 side. I've tried adding 63.78.100.0 for eth0 but it doesn't work. This is why I think a bridge might work. Any idea on how should I approach this? Should I use bridging or Routing. If so please shed some light onto this. Thanks.
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
K.C. Chan
Trusted Contributor

‎06-12-2002 01:17 PM

‎06-12-2002 01:17 PM

Re: using Linux as a bridge and firewall

All, I got this to work. Basically I was missing a patch for kernel 2.4.18; specificallly the bridging patch.
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.