Re: Fw: bridging firewall

To: debian-firewall@lists.debian.org
Subject: Re: Fw: bridging firewall
From: Robert Tasarz <rt-debian@greentech.pl>
Date: Mon, 20 Sep 2004 09:51:07 +0200
Message-id: <[🔎] 20040920075107.GA14878@mentat.ventura.pl>
In-reply-to: <[🔎] 001701c49d0d$1da14360$0100a8c0@speedy>
References: <[🔎] 001701c49d0d$1da14360$0100a8c0@speedy>

On Sat, Sep 18, 2004 at 12:21:45AM +0100, Steve EDWARDS wrote:
> 
> ----- Original Message ----- 
> From: "elijah wright"
> To: "Steve EDWARDS"
> Sent: Friday, September 17, 2004 10:38 PM
> Subject: Re: bridging firewall
> 
> >
> >>I'm trying to work out how to build a bridging firewall using a Dell 833 
> >>with 512MB RAM and up 3 Nics when the "outside" is via a USB Speedtouch 
> >>330. In other words can i tie the usb bus to the nics on the pci bus in 
> >>anyway? All I can find so far are how to's that use 2 nics etc that get 
> >>outside via a hub/switch etc. Can iptables/ipchains be config'd for use 
> >>with a usb ADSL modem and an ethernet nic?
> >
> >it shouldn't matter that some of your network devices are PCI NICs and one 
> >is a USB adsl modem... the bridging functionality is in a higher layer 
> >(network) than that driver layer.
> >
> >i wouldn't expect the configuration of this bridge to be significantly 
> >different than bridging between two plain old network cards.
> >
> >elijah
> 
> bridging is a MAC layer process not net layer (IP) eh? - even so - how do I 
> config a USB device as you would a nic  eg :
> # ifconfig eth0 x.x.0.254 ?
> Ive looked in /dev/usb but found devices beginning ez and lp along with the 
> named devices like scannner, or is the IP assigned to it's USB device 
> number? 

Actually 'classical' bridging is done on data link layer and as such
requires the same protocol on both sides. That said... Linux bridge
code is more liberal and allows to bridge different protocols - as
long as they are 'Ethernet like'. But I'm not sure how well it's working
with PPP, which is probably used on top of your adsl link.
(On http://bridge.sourceforge.net/faq.html is written that if additional
requirements are met, it theoretically should.)

Now, for configuration of your modem, take a look at:

http://linux-usb.sourceforge.net/SpeedTouch/about/index.html

There is step by step instruction for Debian Sarge and SpeedTouch modems.

And somewhere there is hidden, that when you configure your modem for
Ethernet over ATM, then it's interface should be named nas0...

Finally, if you could write why you need bridging with adsl and what protocol
is used by adsl link (Ethernet over ATM, PPPoE, PPPoA)? I guess that you 
probably need bridging for your local nics only and NAT them on adsl link.
If you need bridging at all... But maybe I'm wrong ;).

Robert

Reply to:

References:
- Fw: bridging firewall
  - From: "Steve EDWARDS" <steve@edwards23464.fsworld.co.uk>

Prev by Date: Re: Re: Test [#4341911]
Next by Date: Re: Debian router with iptables problem
Previous by thread: Re: Fw: bridging firewall
Next by thread: do you kon.w..
Index(es):
- Date
- Thread