Fedora 17 transparent Ethernet Bridge not forwarding IP traffic

Posted by mcdoomington on Server Fault See other posts from Server Fault or by mcdoomington
Published on 2012-10-24T16:24:44Z Indexed on 2012/10/24 17:03 UTC
Read the original article Hit count: 160

Filed under:

linux

|

linux-networking

I am running on Fedora 17 with the latest ebtables and have been trying to setup a transparent bridge - using the following script, I send a ping through the bridged host and only see the requests on the bridge (among other traffic from eth0), BUT, arps and arp replies are making it through.

My host is setup - Client 192.168.1.10 <-- eth0 --> eth2 192.168.1.20

Ethernet script:

#!/bin/sh
brctl addbr br0;
brctl stp br0 on;
brctl addif br0 eth0;
brctl addif br0 eth2;
(ifdown eth0 1>/dev/null 2>&1;);
(ifdown eth2 1>/dev/null 2>&1;);
ifconfig eth0 0.0.0.0 up;
ifconfig eth2 0.0.0.0 up;
echo "1" > /proc/sys/net/ipv4/ip_forward;   
ebtables -P INPUT DROP
ebtables -P FORWARD DROP
ebtables -P OUTPUT DROP
ebtables -A FORWARD -p ipv4 -j ACCEPT
ebtables -A FORWARD -p arp -j ACCEPT

Any assistance would be great!

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about linux-networking

Tutorial: 7 Useful Linux Networking Commands

as seen on Internet.com - Search for 'Internet.com'
Eric Geier introduces us to to seven powerful commands for troubleshooting and configuring Linux networking, both wired and wireless. >>> More
Linux networking "jail" for a single process

as seen on Server Fault - Search for 'Server Fault'
I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and… >>> More
What do "Unknown SSAP" and "Unknown DSAP" mean in tcpdump?

as seen on Server Fault - Search for 'Server Fault'
While trying to fix a problem with intermittently losing internet connection on a machine with a wireless connection to a router, I ran tcpdump and noticed packets with "Unknown SSAP" and "Unknown DSAP" errors coming at a rate of a few per second. 20:27:21.703178 00:24:a5:af:24:f6 (oui Unknown) Unknown… >>> More
Dual NIC Networking CentOS 5.3 (losing connection)

as seen on Server Fault - Search for 'Server Fault'
I have a CentOS System with two NICs on it. One is Ethernet the other is Wireless. The Ethernet has an address of 192.168.1.110 and is tied to a LAN. (The LAN provides DHCP and DNS for its domain of 192.168.1.*) The Wireless card should have an address of 131.238.. and is tied to the WAN. For… >>> More
Linux e1000e (Intel networking driver) problems galore, where do I start?

as seen on Server Fault - Search for 'Server Fault'
I'm currently having a major problem with e1000e (not working at all) in Ubuntu Maverick (1.0.2-k4), after resume I'm getting a lot of stuff in dmesg: [ 9085.820197] e1000e 0000:02:00.0: PCI INT A disabled [ 9089.907756] e1000e: Intel(R) PRO/1000 Network Driver - 1.0.2-k4 [ 9089.907762] e1000e: Copyright… >>> More