[ale] Bridging + Firewall
Joe Steele
joe at madewell.com
Fri Jan 20 20:53:45 EST 2006
If you want to create a rule that matches a physical device associated
with a bridge, then you can use the physdev module to identify the device.
For example, the following allows pings arriving on eth1 to be forwarded:
iptables -A FORWARD -m physdev --physdev-in eth1 -p icmp --icmp-type echo-request -j ACCEPT
--Joe
Christopher Fowler wrote:
> I want to put a machine between my firewall and my desktop. This
> machine will have a network interface and a USB network interface. I
> want to bridge those interfaces as br0 and do a firewall on it. This is
> for a proof of concept. I'm used to using iptables and specifying the
> individual interfaces but how would I do that for eth0 and eth1 if in
> reality they become simply one interface as br0?
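
An added example, not part of the original messages: a small generator for a direction-aware FORWARD ruleset on a two-port bridge, built on the physdev match shown above. The function name, the choice of eth0 as the desktop-side port and eth1 as the firewall-side port, and the policy itself are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Prints the commands instead of running
# them, so the ruleset can be reviewed first; pipe the output to "sh" as root
# to apply it.

# bridge_rules INSIDE_PORT OUTSIDE_PORT
#   INSIDE_PORT  - bridge port facing the protected host (assumed: eth0)
#   OUTSIDE_PORT - bridge port facing the upstream firewall (assumed: eth1)
bridge_rules() {
    inside=${1:-}
    outside=${2:-}
    # Refuse missing or identical ports: such a rule set would either fail
    # to load or silently match nothing.
    if [ -z "$inside" ] || [ -z "$outside" ] || [ "$inside" = "$outside" ]; then
        echo "usage: bridge_rules INSIDE_PORT OUTSIDE_PORT (must differ)" >&2
        return 1
    fi
    cat <<EOF
sysctl -w net.bridge.bridge-nf-call-iptables=1
iptables -P FORWARD DROP
iptables -A FORWARD -m physdev --physdev-is-bridged -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m physdev --physdev-is-bridged --physdev-in $inside --physdev-out $outside -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m physdev --physdev-is-bridged --physdev-in $outside --physdev-out $inside -p icmp --icmp-type echo-request -j ACCEPT
EOF
}

# Line 1: bridged IP frames only traverse iptables when this sysctl is on.
# Line 2: default-deny for everything crossing the bridge.
# Line 3: replies to connections that were already allowed.
# Line 4: new connections may only start from the inside port.
# Line 5: the rule from the reply above, narrowed to one direction.
bridge_rules "${1:-eth0}" "${2:-eth1}"
```

Matching on br0 itself cannot tell the two directions apart, which is why every rule names the physical ports.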