LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page problems filtering with ip tables over bridge
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-13-2006, 10:29 AM   #1
Gone_Crazy
LQ Newbie
 
Registered: Jul 2006
Posts: 2

Rep: Reputation: 0
Question problems filtering with ip tables over bridge

Hi guys n gals,

I'm having a bit of a problem with setting firewall rules using iptables over a bridge on Debian Sarge.

Current configuration is:

ADSL Router: 192.168.1.1 connecting on eth0 to
Debian br0 : 192.168.1.5 connecting on eth1 to

Windoze PC : 192.168.1.20 (Default gateway set to 192.168.1.1)

I can edit the iptables to deny all access to/from the Debian server/firewall and this stops all traffic being sent and received on that unit, but the Win PC still has access through to its default gateway on all port and all protocols.

Obviously, if I bring the bridge down then the Win PC loses its connectivity but I'm struggling to restrict access to/from the Win PC.

I've read some documents on ebtables, which sounds relative but I've not been able to make sense of them.

Not sure if I'm overlooking something blatantly simple here but any help and/or advice you can offer is greatly appreciated.
 
Old 07-14-2006, 04:04 PM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Please pop in the output from route -n on the Debian box..

It's not too clear where the bridge connection is working..
 
Old 07-15-2006, 04:54 AM   #3
Gone_Crazy
LQ Newbie
 
Registered: Jul 2006
Posts: 2

Original Poster
Rep: Reputation: 0


The bridge is setup across the 2 eth interfaces (eth0 to router, eth1 to win PC)

Routing table:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br0

brctl show output:

bridge name bridge id STP enabled interfaces
br0 8000.0040f438266c no eth0
eth1
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem with static arp tables and it`s filtering J4b0l Linux - Networking 0 11-18-2005 02:20 PM
Filtering Bridge with VLANs whirlpool78 Linux - Networking 6 02-22-2005 07:51 AM
Ethernet Bridge Tables on kernel 2.6.* carboncopy Linux - Networking 1 03-14-2004 11:42 AM
Sendmail Spam filtering and Virus filtering MrJoshua Linux - General 2 04-03-2003 10:12 AM
Halted packet filtering+routing+shaping router or bridge? Norel Linux - Networking 0 05-02-2002 06:43 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:57 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration