[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Transparent network bridge+filter?

At 02:08 PM 1/18/00 -0600, Jeff Noxon wrote:
>Can anything that runs on Linux do reliable network bridging & filtering?
>I need a transparent filter that I can drop into an existing network.
>
>Ipfilter will do the job with Open/NetBSD.  It may work on Linux, but
>requires kernel 2.0.35 and isn't compatible with glibc.

Another guy ask -something like that- before,
I replied with an answer that worked ;-)

Here is my reply and maybe you can use 
parts of it:
(You don't want to use this route config ;-)

> This has been a while but here it goes:
> 
> Please test if the next settings will do the trick.
> The debian box cannot be reached from the inet or lan,
> We can do something about the lan connection though...
> 
> Note: Filtering firewall is WIDE open!
> Note: There is a route for all IP's because they are 
>       on the same subnet (netmask) but NOT on the 
>       same network device!
> Note: Youre gateway is 63.225.131.78
> 
> root# ifconfig lo 127.0.0.1
> root# ifconfig eth0 0.0.0.0 promisc
> root# ifconfig eth1 0.0.0.0 promisc
> 
> root# route add 63.225.131.73 eth0
> root# route add 63.225.131.74 eth0
> root# route add 63.225.131.75 eth0
> root# route add 63.225.131.76 eth0
> root# route add 63.225.131.77 eth0
> root# route add 63.225.131.78 eth1
> 
> root# ipchains -P input ACCEPT
> root# ipchains -P forward ACCEPT
> root# ipchains -P ouput ACCEPT
> root# ipchains -F
> root# ipchains -X
> 
> Please send me your results....
> 
> Good luck!
> 
> Onno
Reply to: