[Bridge] question about bridge's work

c.j c.james.cj at gmail.com
Tue Aug 12 15:32:48 PDT 2008


Hi bridge list,

We got a concept that as follow description:

A linux BOX with several real NICs(suppose that number is three) 
and a new virtual interface which is a ppp interface(may use several channel) normally.

Now we intend to let machine(PC) behind this BOX  talk with ones out of BOX. 
Now ppp's peer is ISP, so PC want to talk to ISP.

In this case we may find it's so similar with bridge's scene: 
all packets from PC we just forward to PPP interface and then xmit to ISP by pppd code. 
As I know, bridge cannot work for ppp interface(this why it puzzle me .).
Also ip_forward can do that things if there are routes in kernel.

My question is:
How can we restrict the machines behind BOX. We only want one can go 
through now. 
For extending we cannot just drop the packets from the restricted PC like iptable's drop rule.

Please point out my fault in my mind.
Thanks in advance.

Regards~

--
c.j


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux-foundation.org/pipermail/bridge/attachments/20080813/b6e6413f/attachment.htm 


More information about the Bridge mailing list