From: Hess, B. <ben...@te...> - 2003-12-02 16:24:00
I have tried it with routing both on and off and I have set up all of the interfaces correctly; however, I am still getting non-ICMP traffic filtered. My iptables are showing everything set for accept and have actually been turned off. So what I can do is I can ping the host behind the bridge, and the ARP tables are passing fine, but traffic is being filtered. Any other ideas?

-----Original Message-----
From: Ixion [mailto:ix...@cf...]
Sent: Tuesday, December 02, 2003 8:41 AM
To: Hess, Ben
Cc: 'sno...@li...'
Subject: Re: [Snort-inline-users] Bridging filtering traffic

I'm going out on a limb here, so please be gracious in your flaming. What does 'cat /proc/sys/net/ipv4/ip_forward' on the bridge machine return? It should return a '1'. If it returns '0', then add this to the beginning of your firewall script:

    /bin/echo "1" > /proc/sys/net/ipv4/ip_forward

I hope this helps

> Hello,
> I have been attempting to get snort-inline running on a RedHat 9.0 in a
> passive state. The issue that I am running into is setting up the bridging.
> It says everything is running fine, I can get IPTables running on it and
> everything, however I cannot get traffic through the bridge. I can get ICMP
> traffic through, but all TCP and UDP is being filtered. I attempted to
> shut down all IPTables and tested just the bridging and I am still getting
> all TCP and UDP filtered. If I move the host out from behind the bridge
> everything works fine. Any hints or clues as to what I am missing would be
> much appreciated. Below are the commands I am using to create the bridge:
>
> insmod bridge
> brctl addbr mybridge0
> brctl addif mybridge0 eth0
> brctl addif mybridge0 eth1
> ifconfig mybridge0 up
>
> I appreciate any and all help on this matter,
> Ben Hess