Hello World:

This is the scenario:

MY.DSK.BOX (eth0) <=> (eth?) MY.BR0.BOX (eth?) <=> MY.TST.BOX (eth0)

I want to use iptables to stop unwanted traffic from traversing MY.BR0.BOX.

MY.DSK.BOX and MY.TST.BOX are in the same subnet. The IP/subnet of MY.BR0.BOX is irrelevant because MY.BR0.BOX is invisible to the 'functional' network. Yes, this WORKS (it is working now), and I cannot make MY.BR0.BOX visible to the network for more reasons than I have time to write about.

WHAT I WANT:

GOOD packets are allowed to traverse MY.BR0.BOX back and forth without further restrictions.
BAD packets to/from MY.DSK.BOX to/from MY.TST.BOX are dropped at MY.BR0.BOX.

So far I have been able to drop the traffic in only one direction, but not both... :(

Bridge definition below:

Thanks!
ET

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
# iface eth0 inet dhcp
iface eth0 inet manual

# The primary network interface
allow-hotplug eth1
# iface eth1 inet dhcp
iface eth1 inet manual

# Bridge setup
auto br0
iface br0 inet dhcp
    bridge_ports eth0 eth1

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
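The usual reason a bridge filter only bites in one direction is that the rules are pinned to a single physdev pair, while replies and the reverse direction cross the bridge on the opposite pair. The following is an added example (not from the original post) of a stateful FORWARD rule set for a transparent bridge like MY.BR0.BOX; it assumes br0's ports are eth0 (toward MY.DSK.BOX) and eth1 (toward MY.TST.BOX), uses RFC 5737 placeholder addresses for the two hosts, and defines "GOOD" as SSH and ping initiated from MY.DSK.BOX toward MY.TST.BOX, since the post does not say what GOOD and BAD are.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed layout: bridge port eth0
# faces MY.DSK.BOX, eth1 faces MY.TST.BOX; host addresses are placeholders.
DSK_PORT="${DSK_PORT:-eth0}"   # bridge port facing MY.DSK.BOX (assumption)
TST_PORT="${TST_PORT:-eth1}"   # bridge port facing MY.TST.BOX (assumption)
DSK_IP="${DSK_IP:-192.0.2.10}" # placeholder (RFC 5737) address of MY.DSK.BOX
TST_IP="${TST_IP:-192.0.2.20}" # placeholder (RFC 5737) address of MY.TST.BOX

# Print the rule set rather than applying it, so it can be reviewed or tested.
gen_bridge_rules() {
    # physdev matches for each direction across the bridge (br0's own IP is
    # irrelevant; we match on which bridge port the frame entered and leaves).
    D2T="-m physdev --physdev-in $DSK_PORT --physdev-out $TST_PORT"
    T2D="-m physdev --physdev-in $TST_PORT --physdev-out $DSK_PORT"
    # Bridged frames only visit iptables' FORWARD chain when this sysctl is on
    # (newer kernels also need the br_netfilter module loaded).
    echo "sysctl -w net.bridge.bridge-nf-call-iptables=1"
    echo "iptables -F FORWARD"
    # Default-deny in BOTH directions: anything not accepted below is dropped.
    echo "iptables -P FORWARD DROP"
    # Replies to allowed flows return on the opposite port pair; one state rule
    # admits them without a mirror-image rule for every service.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # GOOD (assumed): new SSH sessions and pings from MY.DSK.BOX to MY.TST.BOX.
    echo "iptables -A FORWARD $D2T -s $DSK_IP -d $TST_IP -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    echo "iptables -A FORWARD $D2T -s $DSK_IP -d $TST_IP -p icmp --icmp-type echo-request -j ACCEPT"
    # BAD: log, then drop, with an explicit rule per direction so the drops
    # show up in the kernel log for whichever side originated them.
    echo "iptables -A FORWARD $D2T -j LOG --log-prefix 'BR0-DROP dsk>tst: '"
    echo "iptables -A FORWARD $D2T -j DROP"
    echo "iptables -A FORWARD $T2D -j LOG --log-prefix 'BR0-DROP tst>dsk: '"
    echo "iptables -A FORWARD $T2D -j DROP"
}

# Number of FORWARD rules covering the given in/out port pair; a direction
# with zero rules is the symptom described in the post.
count_direction() {
    gen_bridge_rules | grep -c -- "--physdev-in $1 --physdev-out $2"
}

# Print the rules for review; set APPLY=1 to execute them as root on the bridge.
if [ "${APPLY:-0}" = "1" ]; then
    gen_bridge_rules | sh
else
    gen_bridge_rules
fi
```

Check the live counters afterwards with `iptables -L FORWARD -v -n` and confirm that both the dsk>tst and tst>dsk DROP rules accumulate packets when BAD traffic is sent from each side.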