On Wed, 24 Jan 2007 14:19:14 -0600 Omar Armas <oarmas at mpsnet.net.mx> wrote: > Hi, I did a bridge with kernel 2.4.34 and two intel e1000 network cards. > > I setup the bridge with: > > /usr/sbin/brctl addbr br0 > /usr/sbin/brctl addif br0 eth0 > /usr/sbin/brctl addif br0 eth1 > /sbin/ifconfig eth0 0.0.0.0 promisc > /sbin/ifconfig eth1 0.0.0.0 promisc These two are unnecessary the bridge does it itself. > /sbin/ifconfig br0 up > > My configuration is: > > router > | > Bridge > | > LAN > > > but my problem is that it always passes all traffic, no matter if I > set FOWARD iptables chain to DROP: > iptables -P FORWARD DROP iptables FORWARD rules apply to routing not bridging See: http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html#section6 > When I do this the all traffic and protocols continue passing. > Any idea why? > > -- Stephen Hemminger <shemminger at linux-foundation.org>
