On Feb 14, 2008 3:41 AM, Leigh Sharpe <lsharpe@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> Bridged traffic is not seen by iptables. You need ebtables instead.

Bridged traffic is not seen by iptables alone. You need bridge-nf as well.

There, I fixed it for you.

"The br-nf code makes bridged IP frames/packets go through the iptables chains."
http://ebtables.sourceforge.net/brnf-faq.html

>
> Regards,
> Leigh
>
> Leigh Sharpe
> Network Systems Engineer
> Pacific Wireless
> Ph +61 3 9584 8966
> Mob 0408 009 502
> Helpdesk 1300 300 616
> email lsharpe@xxxxxxxxxxxxxxxxxxxxxx
> web www.pacificwireless.com.au
>
> -----Original Message-----
> From: bridge-bounces@xxxxxxxxxxxxxxxxxxxxxxxxxx
> [mailto:bridge-bounces@xxxxxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Sathyan M
> Sent: Wednesday, 13 February 2008 5:20 PM
> To: bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Subject: Bridge and iptables
>
> Hi,
>
> I am using linux kernel-2.6.15, iptables-1.4 and bridge-utils-1.4.
> Everything installed without any issue and I am able to enable the
> bridge and traffic is also flowing without any issue.
>
> But I did not see any traffic on the iptables forward chain, due to
> which I am not able to control the traffic.
>
> Do I need to enable anything more to make the traffic pass through
> the iptables forward chain?
>
> Please look into the configuration
> ip addr
> 1: lo: <LOOPBACK> mtu 16436 qdisc noqueue
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> 2: tunl0: <NOARP> mtu 1480 qdisc noop
>     link/ipip 0.0.0.0 brd 0.0.0.0
> 3: gre0: <NOARP> mtu 1476 qdisc noop
>     link/gre 0.0.0.0 brd 0.0.0.0
> 10: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 1000
>     link/ether 00:07:d9:0d:67:5a brd ff:ff:ff:ff:ff:ff
> 11: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 1000
>     link/ether 00:07:d9:0d:67:03 brd ff:ff:ff:ff:ff:ff
> 12: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
>     link/ether 00:07:d9:0d:67:03 brd ff:ff:ff:ff:ff:ff
>     inet 10.10.5.2/24 brd 10.10.5.255 scope global br0
>
> iptables -L -nvx
> Chain INPUT (policy ACCEPT 4484 packets, 330543 bytes)
>     pkts bytes target prot opt in out source destination
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>     pkts bytes target prot opt in out source destination
>
> Chain OUTPUT (policy ACCEPT 4105 packets, 2046064 bytes)
>     pkts bytes target prot opt in out source destination
> _______________________________________________
> Bridge mailing list
> Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
> https://lists.linux-foundation.org/mailman/listinfo/bridge
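
Added example, not part of the original thread: a check for the situation discussed above, reporting per bridge device whether bridge-nf hands bridged IPv4 frames to iptables. It assumes the standard kernel locations /proc/sys/net/bridge/bridge-nf-call-iptables and /sys/class/net/<dev>/bridge; the two root-directory arguments are hypothetical overrides so the functions can be run against a constructed tree.

```shell
#!/bin/sh
# Added example (not from the thread). The proc/sys root arguments are
# hypothetical overrides so the check can run on a constructed tree.

# Print enabled|disabled|missing for the bridge-nf IPv4 hook.
bridge_nf_state() {
    knob="${1:-/proc}/sys/net/bridge/bridge-nf-call-iptables"
    # Absent knob: kernel built without CONFIG_BRIDGE_NETFILTER, or (on
    # kernels that ship it as a module) br_netfilter is not loaded.
    [ -r "$knob" ] || { echo missing; return 0; }
    case "$(cat "$knob")" in
        1) echo enabled ;;
        *) echo disabled ;;
    esac
}

# Print one line per bridge device: "<bridge> <state> <verdict>".
bridge_fw_report() {
    proc_root="${1:-/proc}"; sys_root="${2:-/sys}"
    state=$(bridge_nf_state "$proc_root")
    # Bridge devices are the interfaces that have a "bridge" subdirectory.
    for d in "$sys_root"/class/net/*/bridge; do
        [ -d "$d" ] || continue          # glob matched nothing
        br=$(basename "$(dirname "$d")")
        if [ "$state" = enabled ]; then
            echo "$br $state bridged-IP-reaches-iptables-FORWARD"
        else
            echo "$br $state iptables-FORWARD-rules-do-not-see-bridged-traffic"
        fi
    done
}

# On a real host, call with no arguments: bridge_fw_report
```

A FORWARD chain whose counters stay at 0 while traffic crosses the bridge, as in the iptables -L -nvx output quoted above, corresponds to the "disabled" or "missing" result.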