On 12/15/06 05:34, Mike Williams wrote:
<really big snip>
Routing table now:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
90.1...1.64     0.0.0.0         255.255.255.224 U     0      0        0 bond0
192.168.131.0   0.0.0.0         255.255.255.0   U     0      0        0 bond1
192.168.22.0    90.1...1.69     255.255.255.0   UG    0      0        0 bond0
192.168.128.0   0.0.0.0         255.255.255.0   U     0      0        0 bond3
192.168.0.0     90.1...1.69     255.255.255.0   UG    0      0        0 bond0
192.168.30.0    90.1...1.69     255.255.255.0   UG    0      0        0 bond0
192.168.136.0   0.0.0.0         255.255.255.0   U     0      0        0 bond2
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         90.1...1.69     0.0.0.0         UG    0      0        0 bond0
Routing table previously:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
90.1...1.64     0.0.0.0         255.255.255.224 U     0      0        0 br0
192.168.131.0   0.0.0.0         255.255.255.0   U     0      0        0 bond1
192.168.22.0    90.1...1.69     255.255.255.0   UG    0      0        0 br0
192.168.128.0   0.0.0.0         255.255.255.0   U     0      0        0 bond3
192.168.0.0     90.1...1.69     255.255.255.0   UG    0      0        0 br0
192.168.30.0    90.1...1.69     255.255.255.0   UG    0      0        0 br0
192.168.136.0   0.0.0.0         255.255.255.0   U     0      0        0 bond2
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         90.1...1.69     0.0.0.0         UG    1000   0        0 br0
Sorry, if I have missed it, but which system are these routing tables
from? Bridge or LFW?
# uname -r
2.6.17-hardened-r1
# zgrep BRIDGE_NETFILTER /proc/config.gz
CONFIG_BRIDGE_NETFILTER=y
This means that you will be able to use IPTables to filter your bridged
traffic. Which, as I think about it, without seeing your full IPTables
rule set, may be the reason some of your packets are having their state
incorrectly identified. Can we see a full iptables-save output?
Grant. . . .