[Bridge] bridge firewall problem

Josef Brunner Josef.Brunner at azlan.com
Tue Aug 2 05:38:19 PDT 2005


 
you are welcome !

josef
-----Original Message-----
From: Vinay Sharma
To: Josef Brunner
Sent: 8/2/2005 2:35 PM
Subject: RE: [Bridge] bridge firewall problem


Hi 
    Thanks for your help. your commands really
working, after issuing ebtables -F it applied all
rules.  
   
  thanks
   vinay

 
--- Josef Brunner <Josef.Brunner at Azlan.com> wrote:

> step by step:
> 
> please just use the command line binary 'ebtables'
> to submit commands. else
> i can not re-consturct your problem.
> 
> submit the following commands and provide the output
> to the list:
> 
> ebtalbes -F (this will flush the tables)
> ebtables -A FORWARD -p IPv4 --ip-src 172.16.1.4 -s !
> 00:11:22:33:44:55 -j
> DROP
> etables -L (lists the rules)
> 
> if this works, kernel should support etables and the
> filtering should work
> 
> josef
> 
> -----Original Message-----
> From: Vinay Sharma
> To: Josef Brunner
> Sent: 8/2/2005 1:43 PM
> Subject: RE: [Bridge] bridge firewall problem
> 
> 
> hi
>     when i applied some command and then check the
> status of ebtables via service ebtables status it
> gives the message ebtbles dead but subsys locked
> what
> its mean?
>    and when i issue service ebtables save it save
> its
> configuration can u tell me the location of ebtables
> configuration files
>     and hopping that u r not getting angry with my
> funny questions
> 
> thanks for yr cooperations
>   vinay
> 
> 
> 
> --- Josef Brunner <Josef.Brunner at Azlan.com> wrote:
> 
> > hi,
> > 
> > funny, I will be in chennai from tommorrow for two
> > weeks.
> > 
> > ok, no problem. just have a look at this website
> > that offers some easy
> > examples. Using these examples you could block ip
> as
> > well as arp (mac)
> > traffic. 
> > 
> > http://ebtables.sourceforge.net/examples.html#easy
> > 
> > if you have further questions, just shout.
> > 
> > josef
> > 
> > 
> > -----Original Message-----
> > From: Vinay Sharma
> > To: Josef Brunner
> > Sent: 8/2/2005 12:59 PM
> > Subject: RE: [Bridge] bridge firewall problem
> > 
> > hi josef,
> >    i am a new to ebtables.
> >       i am facing some problems they are..
> >            
> > 1   we r a internet service provider.  we
> distribute
> > internet in india(Delhi). here cable operators
> > distribute internet via cables we provides the net
> > connection to thest cable operators and they
> > distribute it to the users via cables.  
> >    our network fully on radios(wireless) we
> > distribute
> > it by point-to-point connection.  here one cable
> > operator take more then three connections and want
> > to
> > our subscribe.  when i give to him connection via
> > radio(point-to-point) when he put my line to his
> > local
> > distribution switch  our radio hangs after 15
> > minutes.
> >     to solve this i setup a linux bridge firewall
> .
> > in
> > machine i wrote rules in iptables but iptables
> didnt
> > block other traffic
> >     i want to give access to only
> > 172.16.18.0/255.255.255.0 this series.
> >             but my firewall passes all the traffic
> > whenever i take any ip of any series.
> > 
> >            someone give me advice to use ebtables
> so
> > i
> > installed fedora core 3 version and installed
> > ebtables-2.0.6-7.fc4 and my kernel version is 
> > 
> > kernel-2.6.9-1.667   i think that it has the
> support
> > of ebtables.  
> > 
> > 
> >  pls give me some examble to block ip series or
> mac
> > address in bridge via using ebtables or iptables
> >   
> > 
> > 
> > thaks and ragard
> >    vinay
> > 
> > 
> > --- Josef Brunner <Josef.Brunner at Azlan.com> wrote:
> > 
> > > hi,
> > > 
> > > what error occurs ? does your kernel support
> > > ebtables ? Do you have a
> > > userland problem ? Pls. deliver some more
> details
> > > regarding your problem.
> > > 
> > > josef
> > > 
> > > -----Original Message-----
> > > From: Vinay Sharma
> > > To: bridge at lists.osdl.org
> > > Sent: 8/2/2005 12:38 PM
> > > Subject: [Bridge] bridge firewall problem
> > > 
> > > hello 
> > >             i am a new user for this group. i am
> > > working at a ISP. here i want to made a  bridge
> > > firewall i am using fedora core 3. i want to
> block
> > a
> > > serirs of ip address 192.16.18.0/255.255.255.0
> and
> > > want to give the accesss only
> > > 172.16.18.0/255.255.255.0.  but iptables not be
> > able
> > > to block ip;s its passes all the ip series. i
> made
> > > my
> > > machine as bridge. i think my bridge passes all
> > the
> > > traffic i want to block unathorized traffic by
> > > 192.16.18.0/255.255.255.0. someone advise me for
> > > using
> > > ebtables for that and i installed that but i am
> > not
> > > able to use ebtables.
> > > 
> > > 
> > >  pls advised me
> > > 
> > > Vinay sharma
> > > 
> > > 
> > >
> __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam?  Yahoo! Mail has the best spam
> > > protection around 
> > > http://mail.yahoo.com 
> > > _______________________________________________
> > > Bridge mailing list
> > > Bridge at lists.osdl.org
> > > https://lists.osdl.org/mailman/listinfo/bridge
> > > 
> > >
> >
>
________________________________________________________________________
> > _______
> > > Disclaimer
> > > 
> > > This message may contain confidential
> information
> > > solely for its
> > > intended recipients and others may not
> distribute,
> > > copy or use it. If
> > > you have received this communication in error
> > please
> > > tell us either by
> > > return e-mail or at the numbers above and delete
> > it,
> > > and any copies of
> > > it.
> 
=== message truncated ===


Vinay sharma


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



More information about the Bridge mailing list