- Subject: Re: Bridge IPv6 traffic between 2 interfaces
- From: Humberto Jucá <betolj@xxxxxxxxx>
- Date: Thu, 22 Mar 2012 07:07:42 -0400
- Cc: netfilter@xxxxxxxxxxxxxxx
- In-reply-to: <CACuyg24rGyYX9bWO21Fbo2HMHtBwwLJQEehq1j1AoNKoew5_3A@mail.gmail.com>
Hi,
I do not know if I understand correctly.
You want the IPv6 traffic across the bridge transparently.
But whether a control standard for IPv4 - is it?
To control what crosses the bridge or not you should use ebtables (in
broute chain).
I believe it is something like:
ebtables -t broute -A BROUTING -p ipv4 -j DROP
This prevents the processing of the * bridge * for IPv4 packets, but
you can still use iptables to filter * routing *.
I hope it's this and that works.
Thanks.
Em 22 de março de 2012 07:06, Humberto Jucá <betolj@xxxxxxxxx> escreveu:
> Hi,
>
> I do not know if I understand correctly.
>
> You want the IPv6 traffic across the bridge transparently.
> But whether a control standard for IPv4 - is it?
>
> To control what crosses the bridge or not you should use ebtables (in
> broute chain).
> I believe it is something like:
>
> ebtables -t broute -A BROUTING -p ipv4 -j DROP
>
> This prevents the processing of the * bridge * for IPv4 packets, but
> you can still use iptables to filter * routing *.
>
> I hope it's this and that works.
> Thanks.
>
>
> 2012/3/22 Huebner, Thomas <thomas.huebner@xxxxxxxxxxxxx>:
>> Hello,
>>
>> I have a computer (A) which is connected on the left side to a private
>> network (usb0) and on the right side to a stand alone computer (B).
>>
>>
>> ----+ +-----------------+ +-------+
>> NET | | BOX A | | BOX B |
>> A +--IPv4---+--- IPv4 in ---+------IPv4--+ |
>> +--IPv6-+ | IPv6 'arround' | +----IPv6--+ |
>> | | +-----------------+ | +-------+
>> ----+ +->----<--->----<--->-+
>>
>>
>> I try to find a way to bridge the IPv6 traffic completely transparent
>> (including all the ICMPv6 and solicitation stuff), between the
>> interfaces usb0 and usb1 while the IPv4 traffic is not affected.
>>
>> I've tried using a brctl which connects the two interfaces perfectly,
>> but disconnects them from the host A itself.
>> Also marking the IPv6 packets with set-mark and routing them using "ip
>> route" seems not to work.
>>
>> The iptables ROUTE target using the "--oif" option seems exactly what
>> I'm looking for, but unfortunatly this target is not available for
>> ip6tables.
>>
>> Has anyone an idea or hint?
>>
>>
>> Thanks
>>
>> Thomas
>> --
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@xxxxxxxxxxxxxxx
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]
[Linux Kernel Networking Development]
[Linux Networking Development]
[Linux Kernel Development]
[Linux Resources]
[LARTC]
[Bugtraq]
[Consulting]
[Free Internet Dating]
[Yosemite Forum]
[Photo]
