Debian Iptables 3 nic bridge
Hey all,
I'm a noob with a networking question. The question in essence is "how do I do this with iptables?" The situation is as follows:

I have a server running Debian with a 2.6 kernel and 3 NICs: eth0, eth1 and ath0.
eth0 has a static IP of 10.0.0.150
eth1 has a static IP of 192.168.16.1
ath0 has a static IP of 192.168.1.1

eth0 is connected to a router (IP 10.0.0.138) which maintains an internet connection. ath0 is a wireless card running in AP mode. eth1 and ath0 have a dhcpd server running on them so clients that connect get an IP.

How do I transparently bridge ath0 and eth1 to form one network, and how do I allow computers connected to both ath0 and eth1 to connect to the internet through eth0? I'd love to have eth0 also act as a firewall, not allowing connections coming from the internet but allowing everything coming from the internal LAN (ath0/eth1).

Can anyone give me a few pointers? I'm not really good at networking and I'm kinda stumped on how iptables works (yes, I did read the manual). Thanks in advance.
For a start you don't use iptables on your Debian system, except if you want it to be a firewall. You can't have different IP addresses or subnets for ath0 and eth1 if you bridge them.

Install bridge-utils.
Read the manpage bridge-utils-interfaces.
Disable eth1 and ath0 using "ifdown eth1 ath0".
Configure the bridge in /etc/network/interfaces, deleting the configuration for eth1 and ath0.
Bring up the bridge using "ifup br0" or similar.
Edit /etc/sysctl.conf to enable IP forwarding. For immediate effect: "echo 1 > /proc/sys/net/ipv4/ip_forward"
Set up the DHCP server for the bridge.
Add a route table entry to the other router.

As for firewalling, is your other router sufficient? What is your IPv6 policy? For IPv4 the following should work:
Code:
iptables -N block
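One way to express the policy asked for in the question (LAN may open connections, the internet side may not), as an added example that is not code from this thread. It prints a stateful IPv4 ruleset for review instead of applying it. Assumptions: the bridge is named br0 as in the reply, eth0 is the uplink, traffic is routed rather than NATed because the upstream router gets a route to the LAN, the filter chains start empty, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: stateful IPv4 filter for a routed bridge (br0 = eth1 + ath0).
# Prints the rules; nothing is applied until the output is run as root.

valid_if() {
    # Accept only safe interface names (Linux limit is 15 characters).
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

emit_rules() {
    wan=$1
    lan=$2
    valid_if "$wan" && valid_if "$lan" || { echo "bad interface name" >&2; return 2; }
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 2; }
    # ACCEPT rules come first and the DROP policies last, so an existing
    # remote session is not cut off while the rules load.
    # -m conntrack is the current spelling of the older "-m state --state".
    cat <<EOF
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $lan -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan -o $wan -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i $lan -o $lan -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
EOF
}
# The "$lan -> $lan" rule matters when bridge netfilter is enabled
# (net.bridge.bridge-nf-call-iptables=1): frames bridged between eth1 and
# ath0 then traverse FORWARD and would otherwise hit the DROP policy.

emit_rules "${1:-eth0}" "${2:-br0}"
```

Review the output, then pipe it to `sh` as root to load it. IPv6 is not covered and needs its own ip6tables policy.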