[Bridge] combination WAP/firewall/router - wired and wireless hosts do not connect

Abel Martín abel.martin.ruiz at gmail.com
Mon Jan 22 10:56:46 PST 2007


On 1/18/07, Carla Schroder <carla at bratgrrl.com> wrote:
> hey all,
>
> I searched the archives and the site and didn't find an answer, so if I missed
> something I'll gladly take pointers to any good help pages.
>
> I want to build a combination wireless access point/iptables firewall/router
> for my home LAN, like this:
>
> dsl modem - router/WAP - switch - LAN
>
> I have Pyramid Linux on a PC Engines WRAP board. The board has an Atheros
> tri-mode wireless card, and two wired Ethernet ports in use. The configs are
> like this:
>
>  LAN IP = 192.168.1.25
>  br0 = ath0 bridged to eth0
>
>  WAN IP = 22.33.44.55
>  eth1
>
> When my iptables firewall is up, all hosts have Internet and can ping the
> router. But wired hosts cannot ping wireless hosts, or the reverse. With the
> firewall turned off, the bridge works perfectly and all LAN hosts see each
> other.
>
> I've tried running my iptables rules one at a time, and the showstopper is the
> forwarding chain. I like to use a default policy of FORWARD DROP, then write
> accept rules as needed. But nothing I have tried works here, and it's not
> like my iptables-fu is all that mighty anyway.
>
> Should I be looking at ebtables, or can I do this in iptables? Or what?
>
Did you check the physdev iptables module?

Regards,
Abel
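
The physdev suggestion applied to the setup in the question, as an added example that is not part of the original thread. Interface names (br0 = eth0 + ath0, WAN = eth1) follow the question; the function name, the `IPT` variable and the routed-traffic rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Function and variable names are
# hypothetical; interface names are the ones given in the question.
# Bridged frames reach the iptables FORWARD chain through bridge netfilter,
# so a FORWARD DROP policy also drops wired <-> wireless traffic on br0.

# Dry run by default: prints the commands. Set IPT=iptables to apply (root).
IPT=${IPT:-echo iptables}

# usage: forward_rules WAN_IF BRIDGE_IF PORT PORT [PORT...]
forward_rules() {
    if [ "$#" -lt 4 ]; then
        echo "need WAN, bridge and at least two bridge ports" >&2
        return 1
    fi
    wan=$1
    bridge=$2
    shift 2

    $IPT -P FORWARD DROP
    $IPT -F FORWARD

    # Bridged traffic: one accept rule per ordered pair of distinct ports.
    for in_port in "$@"; do
        for out_port in "$@"; do
            if [ "$in_port" = "$out_port" ]; then continue; fi
            $IPT -A FORWARD -m physdev --physdev-is-bridged \
                --physdev-in "$in_port" --physdev-out "$out_port" -j ACCEPT
        done
    done

    # Routed traffic: LAN may open connections to the WAN, replies come back.
    $IPT -A FORWARD -i "$bridge" -o "$wan" -j ACCEPT
    $IPT -A FORWARD -i "$wan" -o "$bridge" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

forward_rules eth1 br0 eth0 ath0
```

Because the accept rules name individual bridge ports, a port later added to br0 stays blocked by the DROP policy until it is listed explicitly.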


