[Bridge] iptables, ipnatctl & v2.3.x kernels with bridging

Wayback MachineAbout this captureCOLLECTED BY Organization: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. Collection: Alexa Crawls DE Crawl data donated by Alexa Internet. This data is currently not publicly accessible TIMESTAMPSloadingChristopher J. Reimerreimer@doe.carleton.ca
Fri, 18 Feb 2000 14:14:30 -0500 (EST) Hi, I am trying to do something, which may not be currentlypossible. I have a machine with 3 ethernet cards in it. One is to a hub,which has two logical networks on it, let say 137.0.1.x and 138.0.1.x. Theethernet card to that hub has 2 address, 137.0.1.1 and 138.0.1.1 done byip aliasing. The second card goes out to a broadband internet access, andthe third card goes to an ISDN bridge connecting to work, where the ipaddresses are 138.x.x.x. I want the 137.0.1.x to not be able to send any packets to theISDN bridge. I need all the traffic between the 138.0.1.x local hosts andthe ISDN bridge to be completely unimpeded including broadcasts from thelocal hosts (138.0.1.255) and broadcasts from work (255.255.255.255). However, I would prefer if the other local machines, 137.0.1.x would notsee the broadcasts from work. I figure I would need to NAT the incomingbroadcasts from 255.255.255.255 to 138.0.1.255. Finally, all traffic fromeither of the 2 local logical networks not destined for work should gothrough the broadband internet access card, which is a masqueraded port. So, I realize what I want to do is fairly complicated, and itsalmost working now, except that traffic between work and the 138.0.1.xlocal machines is not continuous. The broadcasts from either the localnet or the ISDN bridge are getting absorbed by the gateway machine. Will bridging help with this? Will I still be able to NAT andfilter using iptalbes and ipnatctl? Any suggestions? Regards, Chris Reimer –Christopher Reimerhttp://www.doe.carleton.ca/~reimer/chris_reimer@bigfoot.comPGP Public Key available at web site, PGP Keyservers, ID 171F8CF1,or “finger”ing reimer@www.doe.carleton.ca

Leave a Reply

Your email address will not be published. Required fields are marked *