Configure FC2 as Bridge
Franco
primo at ischianet.com
Fri Feb 4 10:27:24 UTC 2005
Nigel Wade ha scritto:
> Franco wrote:
>
>> Hi, i need to use a FC2 server as firewall for my network,
>> i have configured it as write on shorewall sites:
>>
>> /etc/sysconfig/network-scripts/ifcfg-br0
>>
>> DEVICE=br0
>> TYPE=Bridge
>> IPADDR=213.xxx.xxx.xxx
>> NETMASK=255.255.255.248
>> ONBOOT=yes
>>
>> /etc/sysconfig/network-scripts/ifcfg-eth0:
>>
>> DEVICE=eth0
>> TYPE=ETHER
>> BRIDGE=br0
>> ONBOOT=yes
>>
>> /etc/sysconfig/network-scripts/ifcfg-eth1:
>>
>> DEVICE=eth1
>> TYPE=ETHER
>> BRIDGE=br0
>> ONBOOT=yes
>>
>> After a /etc/init.d/network restart
>> i have lose the ssh connection and seams that the server
>> can't ping other ips.
>>
>> Can anyone help me?
>>
>
> Did you put both ethernet cards into promiscuous mode? If they are not
> in promiscuous mode they drop any packets other than the IP they are
> assigned, and since they are not assigned an IP in bridging mode they
> won't accept any packets at all.
>
> This is an ifconfig for an ethernet card which is operating in a bridge:
>
> eth0 Link encap:Ethernet HWaddr 00:01:03:41:26:CC
> UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
> RX packets:153540157 errors:0 dropped:0 overruns:29 frame:0
> TX packets:151344501 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> RX bytes:749644020 (714.9 Mb) TX bytes:868719741 (828.4 Mb)
> Interrupt:11 Base address:0xdc00
>
> and for the bridge that it is a part of:
>
> bridge Link encap:Ethernet HWaddr 00:01:03:41:26:CC
> inet addr:143.210.44.xx Bcast:143.210.44.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:7542348 errors:0 dropped:0 overruns:0 frame:0
> TX packets:83245 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:681830576 (650.2 Mb) TX bytes:19014467 (18.1 Mb)
>
>
> The routing table is:
>
> Destination Gateway Genmask Flags MSS Window irtt Iface
> 143.210.44.0 * 255.255.255.0 U 40 0 0 bridge
> 127.0.0.0 * 255.0.0.0 U 40 0 0 lo
>
> In this case the bridge is part of a firewall, hence there is no default
> route and it can only route packets to the internal network.
>
> Note: this is a 2.4.18 kernel, not FC2, but I think the principles are
> the same.
>
Hi, i have your same output of ifconfig, when i restart
the network i see that just eth0 is in promiscuous mode seams that
eth1 don't is in this state. How can i do to change state?
How can i do to controll the bridge ( firewall ) from other network?
I need to add another NIC CARD ?
Best regards.
More information about the fedora-list
mailing list