David Coulson on Thu, 26 Jun 2003 12:53:05 -0400

Bradley Molnar wrote:

> I am working with setting up a RH9 machine as a bridge firewalling bridge, using iptables and the bridge-utils.

Does RH9 contain the bridge-nf patch? You will need this if you want to filter layer 3 traffic on a bridge.

> Once the machine is up and running I run this series of commands.

You'll want to bring up eth0, eth1 and br0. You also want to disable STP if you don't need it. I personally would bring up eth0 and eth1 without IPs before adding them to the bridge so they start forwarding frames as soon as possible.

> and then all is fine until I try to actually use the bridging. Even a simple ping will cause a kernel panic. I know that this isn't a ton of details, but, I don't know if or where this information would be saved.

What is the kernel panic? I'm using bridging on about 5 boxes and I've never had a problem with it. You may want to look at using a standard kernel patched with bridge-nf and ebtables if you want to set up a bridge firewall.

> At first I thought it might be a problem between iptables and the bridge, so, I stopped and cleared the iptables rules, but the same thing happened.

Without patches, the iptables system never sees anything going through the bridge.

> I should probably also mention that this machine is connected to a T1, if that makes a difference. The company providing the T1 (allegiancetelcom) placed a device that makes it so that we can connect the T1 to a standard ethernet hub/switch. This is how it is connected.

Ethernet is Ethernet - Your problem is with the kernel, not with the Ethernet connection.

David

--
David Coulson                 email: d@vidcoulson.com
Linux Developer /             web: http://davidcoulson.net/
Network Engineer              phone: (216) 533-6967

_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
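
The bring-up order suggested in the reply above, together with a check that bridged traffic is actually handed to iptables, as an added example that is not part of the original message or the poster's own commands. The names br0, eth0 and eth1 follow the thread; the `run`, `setup_bridge` and `bridge_nf_status` helpers are hypothetical, and the sysctl path is the one used by later mainline kernels with bridge netfilter, which is an assumption for a patched RH9 kernel.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Dry run by default: commands are printed, not executed.
# Set APPLY=1 and run as root to execute them (needs bridge-utils and iproute2).

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# setup_bridge BRIDGE IF1 IF2 [IF...]
setup_bridge() {
    br=$1; shift
    [ $# -ge 2 ] || { echo "need at least two member interfaces" >&2; return 2; }
    run brctl addbr "$br" || return 1
    run brctl stp "$br" off || return 1            # STP off when it is not needed
    for ifc in "$@"; do
        run ip addr flush dev "$ifc" || return 1   # members carry no IP address
        run ip link set dev "$ifc" up || return 1  # up before joining the bridge
        run brctl addif "$br" "$ifc" || return 1
    done
    run ip link set dev "$br" up
}

# bridge_nf_status [SYSCTL_FILE]
# Prints "missing", "off" or "on"; returns 0 only for "on".
# "missing" or "off" means iptables rules will not see bridged frames,
# so a ruleset on such a box filters nothing that crosses the bridge.
bridge_nf_status() {
    # Assumed path: the bridge netfilter sysctl of later mainline kernels.
    f=${1:-/proc/sys/net/bridge/bridge-nf-call-iptables}
    if [ ! -r "$f" ]; then echo missing; return 1; fi
    if [ "$(cat "$f")" = 1 ]; then echo on; return 0; fi
    echo off; return 1
}

# Stand-alone use: "sh bridge.sh plan" prints the plan and the bridge-nf state.
if [ "${1:-}" = "plan" ]; then
    setup_bridge br0 eth0 eth1
    echo "bridge-nf: $(bridge_nf_status)"
fi
```

A result of `missing` or `off` from `bridge_nf_status` corresponds to the situation described in the reply, where iptables never sees traffic crossing the bridge.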