[Bridge] Re: Bringing up bridge at boot (properly)

nick black dank at suburbanjihad.net
Thu Jul 1 01:20:20 PDT 2004

On 2004-06-30, Adam Hewgill <ahewgill at hotmail.com> wrote:
> If you are using a machine as an ethernet bridge how are you
> configuring it (include distro specific stuff) to create and enable the
> bridge during the boot process?

Here's a simple setup borrowed from my home firewall, snipped to show only
the bridge-related setup.  I have a four-port tulip and one half of a dual
eepro100 forming a broadcast medium via a brouter.  relevant init.d/firewall:

for i in `seq 1 5`
BR_IFACES="eth1 eth2 eth3 eth4 eth5"

case "$1" in
        $BRBIN addbr $BRIDGE
        for i in $BR_IFACES ; do
                $BRBIN addif $BRIDGE $i
                ip l set up dev $i
        ip l set up dev $BRIDGE
        ip a a $BR_ADDR dev $BRIDGE
        ip a d $BR_ADDR dev $BRIDGE
        ip l set down dev $BRIDGE
        for i in $BR_IFACES ; do
                ip l set down dev $i
                $BRBIN delif $BRIDGE $i
        $BRBIN delbr $BRIDGE

with debian, man update-rc.d to get it going.  i try to hit right
after interface naming and before firewall setup.   do remember that
default behavior will allow any ip on the machine to be hit through
the bridge (at least by my experience in 2.[46]), so firewall things

nick black <dank at reflexsecurity.com>
"np:  nondeterministic polynomial-time
the class of dashed hopes and idle dreams." - the complexity zoo

More information about the Bridge mailing list