[Bridge] ebtables rules dont work
Hannes Schulz
schulz at schwaar.com
Tue May 25 04:42:07 PDT 2004
At 11:45 +0200 23.05.2004, monade at freenet.de wrote:
Hello,
I have some problems with testing ebtables on my machine.
It's a Vanilla Kernel 2.6.5 and I selected:
- [*] 802.1d Ethernet Bridging
- Netfilter iptables option
and all ebtables options to compile new for a bridge machine.
This works successfully and I installed ebtables v2.0.6.
Now my problem is that all packets will be dropped in the FORWARD chain.
It appears that it is unimportant which rule I use.
Here is my very simple rule setup, only for testing:
ebtables -P FORWARD DROP
ebtables -P INPUT DROP
ebtables -P OUTPUT DROP
ebtables -A FORWARD -p IPv4 --ip-proto tcp --ip-sport 80 -j ACCEPT
When I use iptables for filtering I can/must see the same effect.
What have I done wrong? Forgotten options in the kernel, forgotten rules?
I don't use ebtables myself but I think there is a rule missing:
ebtables -A FORWARD -p IPv4 --ip-proto tcp --ip-dport 80 -j ACCEPT
Your rule only covers traffic server --> browser. My rule ACCEPTS the
traffic from the browser to the web server.
Yours
Hannes Schulz
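
An added example, not part of the original thread: a sketch that prints a default-drop FORWARD rule set passing HTTP in both directions, plus a small audit function that reports which ACCEPT rules a given rule list lacks. The function names are hypothetical, and the ARP rule is an assumption beyond what either poster wrote: under a DROP policy, ARP frames are bridged frames too, and IPv4 hosts on opposite sides of the bridge cannot resolve each other without them.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print the rule set; review it, then apply on the bridge as root with:
#   bridge_http_rules | sh
# Only FORWARD is covered: it is the chain that bridged frames traverse.
# ebtables is stateless, so request and reply each need their own rule.
bridge_http_rules() {
    cat <<'EOF'
ebtables -P FORWARD DROP
ebtables -A FORWARD -p ARP -j ACCEPT
ebtables -A FORWARD -p IPv4 --ip-proto tcp --ip-dport 80 -j ACCEPT
ebtables -A FORWARD -p IPv4 --ip-proto tcp --ip-sport 80 -j ACCEPT
EOF
}

# Read rules on stdin (command lines or listing output) and print which of
# the three ACCEPT matches are absent, or "complete" if none is.
audit_forward_rules() {
    rules=$(cat)
    missing=""
    for need in "-p ARP" "--ip-dport 80" "--ip-sport 80"; do
        # The trailing space keeps "80" from matching a port such as 8080.
        printf '%s\n' "$rules" | grep -q -e "$need .*-j ACCEPT" \
            || missing="${missing:+$missing }[$need]"
    done
    printf '%s\n' "${missing:-complete}"
}

# Constructed input: the single ACCEPT rule from the original post.
posted='ebtables -A FORWARD -p IPv4 --ip-proto tcp --ip-sport 80 -j ACCEPT'
echo "posted rule set lacks: $(printf '%s\n' "$posted" | audit_forward_rules)"
echo "printed rule set: $(bridge_http_rules | audit_forward_rules)"
```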