Setting up a Linux Bridge (Layer 2)
Diagram
[internet] -> [eth0] -> [Bridge “mybridge”] -> [eth1] -> [LAN]
Reference Versions:
shell> uname -r
2.6.12
shell> ebtables -V
ebtables v2.0.8-rc3 (December 2006)
shell> iptables -V
iptables v1.3.0
shell> cat /var/log/messages | grep Ebtables
Mar 6 23:48:07 Cantara kernel: Ebtables v2.0 registered
With FC4 installed Ebtables may or may not be installed, however the keneral may have the necessary modules installed…
shell> lsmod | grep table
ebtable_broute 2432 1
ebtables 21504 3 ebt_redirect,ebt_ip,ebtable_broute
iptable_nat 23644 2 ipt_REDIRECT
ip_conntrack 44248 1 iptable_nat
ip_tables 20992 2 ipt_REDIRECT,iptable_nat
bridge 61720 1 ebtable_broute
If not, then start downloading:
ebtables Home Page
By source code:
shell> tar -xzf ebtables-v2.0.6.tar.gz
shell> cd ebtables-v2.0.6
shell> make
shell> make install
Verify install by:
shell> ebtables -V
rc.bridge
#!/bin/sh
name="cantara"
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "Resetting devices, if any"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo ""
#
# dynamic
# dhclient -r
#
# static
route del default
ifconfig $name down
brctl delif $name eth0
brctl delif $name eth1
brctl delbr $name
ifconfig eth0 down
ifconfig eth1 down
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "Bring devices Up..."
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo ""
#
sleep 3 # very important or you may get routing issues
brctl addbr $name
brctl addif $name eth0
brctl addif $name eth1
ifconfig eth0 0.0.0.0 promisc up
ifconfig eth1 0.0.0.0 promisc up
ifconfig $name up
#
# dhcp client
# dhclient $name
#
# static
ifconfig $name 192.168.30.4 netmask 255.255.255.0
route add default gw 192.168.30.1 $name
#
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "Removing Ethernet Filtering..."
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo ""
cd /proc/sys/net/bridge
for f in bridge-nf-*; do echo 0 > $f; done
rc.squid
#!/bin/sh
name="cantara"
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "Setting up squid redirects"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-="
echo ""
iptables -t nat -F
ebtables -t broute -F
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 \
--ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t nat -A PREROUTING -i $name -p tcp --dport 80 \
-j REDIRECT --to-port 3128
References:
Bridge
ebtables Home Page
iptables Home Page
About this entry
You’re currently reading “Setting up a Linux Bridge (Layer 2),” an entry on Taehoon’s Blog
- Published:
- 03.07.07 / 1pm
- Category:
- Computer, Networking, Linux, References & Documentation
No comments
Jump to comment form | comments rss [?] | trackback uri [?]