How do I block (iptables) traffic on a #$%@ING bridge (br0)

kitepilot at kitepilot.com kitepilot at kitepilot.com
Wed Dec 17 05:48:31 MST 2014


Hello World: 

This is the scenario:
MY.DSK.BOX (eth0) <=> (eth?) MY.BR0.BOX (eth?) <=> MY.TST.BOX (eth0) 

I want to use iptables to stop unwanted traffic from traversing MY.BR0.BOX.
MY.DSK.BOX and MY.TST.BOX are in the same subnet.
The IP/subnet of MY.BR0.BOX is irrelevant because MY.BR0.BOX is invisible to 
the 'functional' network.
Yes, this WORKS (it is working now), and I cannot make MY.BR0.BOX visible 
to the network because of more reasons than I have time to write about. 


WHAT I WANT:
GOOD packets are allowed to traverse MY.BR0.BOX back and forth without 
further restrictions.
BAD packets to/from MY.DSK.BOX to/from MY.TST.BOX are dropped at MY.BR0.BOX 

So far I have been able to drop the traffic in only one direction, but not 
both...   :(
Bridge definition below:
Thanks!
ET 


# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5). 

# The loopback network interface
auto lo
iface lo inet loopback 

# The primary network interface
allow-hotplug eth0
# iface eth0 inet dhcp
iface eth0 inet manual 

# The second bridged interface
allow-hotplug eth1
# iface eth1 inet dhcp
iface eth1 inet manual 

# Bridge setup
auto br0
iface br0 inet dhcp
        bridge_ports eth0 eth1
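One way to get filtering in both directions on a bridge like the one above, as an added example that is not part of the original post: frames crossing br0 are switched at layer 2 and never hit iptables unless the br_netfilter hook is enabled, and once it is, they pass through the FORWARD chain, where a rule per direction (DSK to TST and TST to DSK) is needed. The addresses 192.0.2.10 (MY.DSK.BOX), 192.0.2.20 (MY.TST.BOX) and TCP port 23 as the "bad" traffic are assumed placeholders, since the post gives neither; the helper name bridge_rules is mine. The script only prints the commands unless it is run as `apply`, so the rule set can be reviewed first.

```shell
#!/bin/sh
# Added example (not from the original post): drop one kind of traffic between
# two hosts in both directions as it crosses a Linux bridge (br0).
# Assumed placeholder values; replace with the real hosts and port.
DSK=${DSK:-192.0.2.10}     # MY.DSK.BOX (assumed)
TST=${TST:-192.0.2.20}     # MY.TST.BOX (assumed)
BAD_PORT=${BAD_PORT:-23}   # the "bad" traffic, e.g. telnet (assumed)

# Emit the rule set, one command per line, so it can be reviewed or piped to sh.
# Bridged frames only reach iptables' FORWARD chain when the br_netfilter
# module is loaded and net.bridge.bridge-nf-call-iptables is 1.
bridge_rules() {
    cat <<EOF
modprobe br_netfilter
sysctl -w net.bridge.bridge-nf-call-iptables=1
iptables -N BR0-FILTER
iptables -A BR0-FILTER -s $DSK -d $TST -p tcp --dport $BAD_PORT -j DROP
iptables -A BR0-FILTER -s $TST -d $DSK -p tcp --dport $BAD_PORT -j DROP
iptables -A BR0-FILTER -j RETURN
iptables -I FORWARD -m physdev --physdev-is-bridged -j BR0-FILTER
EOF
}

# Only touch the live firewall when explicitly asked (requires root).
if [ "${1:-}" = "apply" ]; then
    bridge_rules | sh
else
    bridge_rules
fi
```

The two DROP lines are the key: a single rule matching `-s $DSK -d $TST` only covers one direction, which is the symptom described in the post. After applying, `iptables -L BR0-FILTER -v -n` shows per-rule packet counters, so a test connection from each side confirms that both directions are actually being dropped rather than just one.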

