From: Stephan S. <ss...@as...> - 2003-12-02 12:08:22
Hi Ben,

it has been a while since I tested it. But here are the commands I used:

    brctl addbr br0
    brctl addif br0 eth1
    brctl addif br0 eth2
    ip link set eth1 up
    ip link set eth2 up
    ip link set br0 up
    brctl stp br0 off

Note that you need the bridge netfilter patch for your kernel, so that
the packets actually go into netfilter. It can be found at
http://bridge.sourceforge.net/devel/bridge-nf/bridge-nf-0.0.7-against-2.4.19.diff
(for kernel 2.4.19).

Stephan

Hess, Ben wrote:
> I have been attempting to get snort-inline running on a
> RedHat 9.0 in a passive state. The issue that I am running into is
> setting up the bridging. It says everything is running fine, I can get
> IPTables running on it and everything, however I cannot get traffic
> through the bridge. I can get icmp traffic through, but all tcp and udp
> is being filtered. I attempted to shut down all IPTables and tested just
> the bridging and I am still getting all tcp and udp filtered. If I move
> the host out from behind the bridge everything works fine. Any hints or
> clues as to what I am missing would be much appreciated. Below are the
> commands I am using to create the bridge:

--
Stephan Scholz <ss...@as...> | Development
Astaro AG | www.astaro.com | Phone +49-721-490069-0 | Fax -55

Awards for ASL:
- Nätverk & Kommunikation Magazine, Sweden: "Five Stars" - October 2003
- Linux Enterprise Readers' Choice Award: Best Firewall - October 2003
- LinuxWorld Product Excellence Award: Best Security Solution - August 2003
- "Excellent" Infoworld Magazine - August 2003
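
Added example, not part of the original message: a shell check that the bridge ended up in the state the commands in the reply aim for (br0 exists, STP is off, eth1 and eth2 are ports), by parsing `brctl show` output. The function name check_bridge and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# check_bridge BRIDGE IF1 [IF2 ...]
# Reads `brctl show` output on stdin. Succeeds only if BRIDGE is listed,
# its "STP enabled" column is "no", and every named interface is a port.
# On a live host: brctl show | check_bridge br0 eth1 eth2
check_bridge() {
    bridge=$1; shift
    awk -v br="$bridge" -v want="$*" '
        NR == 1 { next }                        # column header
        NF >= 3 {                               # first line of a bridge entry
            cur = $1
            if (cur == br) {
                found = 1; stp = $3
                if (NF >= 4) ports[$4] = 1      # first port, if any
            }
            next
        }
        NF == 1 && cur == br { ports[$1] = 1 }  # continuation line: another port
        END {
            if (!found)      { print "bridge " br " not found"; exit 1 }
            if (stp != "no") { print "STP is enabled on " br; exit 1 }
            n = split(want, w, " ")
            for (i = 1; i <= n; i++)
                if (!(w[i] in ports)) {
                    print w[i] " is not a port of " br; exit 1
                }
            print br " ok"
        }'
}

# Constructed samples of `brctl show` output (not captured from a real host).
SAMPLE_OK='bridge name     bridge id               STP enabled     interfaces
br0             8000.0002b3aabbcc       no              eth1
                                                        eth2'

SAMPLE_MISSING_PORT='bridge name     bridge id               STP enabled     interfaces
br0             8000.0002b3aabbcc       no              eth1'

SAMPLE_STP_ON='bridge name     bridge id               STP enabled     interfaces
br0             8000.0002b3aabbcc       yes             eth1
                                                        eth2'

printf '%s\n' "$SAMPLE_OK" | check_bridge br0 eth1 eth2
```

This only confirms the bridge layout; it does not tell you whether the bridge netfilter patch is applied to the kernel.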