[Bridge] firewall + bridge pointer; brctl showbr RFE

Wayback MachineAbout this captureCOLLECTED BY Organization: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. Collection: Alexa Crawls DE Crawl data donated by Alexa Internet. This data is currently not publicly accessible TIMESTAMPSloadingPekka Savolapekkas@netcore.fi
Wed, 9 Aug 2000 13:42:21 +0300 (EEST)Hello all,I’m using bridge patches + ipchains patches + Olaf’s patch from June tomake bridged patches pass through ipchains interfaces ethX too. Worksfine.The problem with Olaf’s patch above is, that it can only be used in apassive way, ie. ACCEPT and DENY. For example, rejects won’t work. Thisis intended behaviour (at least w/ the current patch).I came across a very interesting tool to make DENY rules generate TCPresets using netlink device. Resets will be sent from the destinationaddress, a little like FreeBSD’s bridging+firewalling code can do.It seemed to work just fine here, so I’d like to share the pointer if it’sof any use.. http://www.bellamy.co.nz/section5.html.Also, I’d like to request a feature enhancement for brctl. If STP isdisabled, ‘brctl showbr br0’ will just print:—# brctl showbr br0br0 STP disabled—This should be a little more informative. At least, it should tell whichphysical interfaces have been bound to the bridge. As it is, I can’t seeany nice way of doing this (testing with addif/delif — not good).HTH. Please Cc:.– Pekka Savola “Tell me of difficulties surmounted, Pekka.Savola@netcore.fi not those you stumble over and fall”

Leave a Reply

Your email address will not be published. Required fields are marked *