[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] How to make SuSEfirewall2 accept packets passing bridge-interface


I had set up a router as follows:
- eth1/ ppp0 is external interface to a DSL-modem to the internet
- eth0 is a ethernet-interface to internal net/ switch
=> everything was fine. SuSEFirewall2 set up the routing to and from the 
internet for the internal clients and provided some protection from the 

Now I added a wireless-card for the router also acting as a wireless 
- ath0 is interface of wireless-card running in hostap-mode
Then I build a bridge-interface from eth0 and ath0 and gave it the former IP 
of eth0. 
- br0 bridge made of ath0 and eth0
Routing from the wired and wireless clients to the internet works like a 
What does not work ist bridging from physical interface eth0 to ath0 so that I 
can reach my server attached to the LAN-switch from my wireless notebook. I 
get logging-entries like that:

Could anybody tell me what to write into /etc/sysconfig/SUSEFirewall2 or 
in /etc/sysconfig/scripts/SuSEfirewall2-custom to accept packets crossing my 

Bridge was set up like that:
brctl addbr br0
brctl addif br0 ath0
brctl addif br0 eth0
ifconfig ath0
ifconfig eth0
ifconfig br0

Thanks in advance for any tips.

Eat, sleep and go running,
David Hücking.

Encrypted eMail welcome! 
GnuPG/ PGP-Key: 0x57809216. Fingerprint: 
3DF2 CBE0 DFAA 4164 02C2  4E2A E005 8DF7 5780 9216

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here