May 17, 2009

Transparent firewall: I cannot get it to work

I am trying to set up a transparent firewall using the ethernet bridge commands.
What this firewall needs to do is allow ONLY ssh through from the internet, and allow the intranet (local LAN) to communicate with the outside world.

The internet is coming in through eth0; the local intranet LAN is past eth1.

Right now I am testing with a laptop connected to eth1 via crossover cable.
I have tried these commands as spelled out in http://www.linuxjournal.com/article/8172

They do NOT work and do NOT allow the laptop to even do DHCP to get an address.

(Also the grsecurity kernel I tried to compile can't even find the hda1 but that's another story) NOTHING WORKS.

Here's what I tried and failed with:
/usr/sbin/brctl addbr br0
/usr/sbin/brctl addif br0 eth0
/usr/sbin/brctl addif br0 eth1
/sbin/ip link set br0 up
/sbin/ip addr add 192.168.0.6 brd + dev br0
/sbin/route add default gw 192.168.0.1 dev br0