On Fri, Dec 02, 2005 at 06:02:13PM +0000, Guy Heatley wrote:
> Hi!
> I have a cluster of UMLs networked together using ethernet bridging
> and tun/tap.
> I want to connect to a network with the following stipulations:
> 
> 1) The UMLs (and UML host) have a predetermined range of IP addresses on
> a wider subnet. These need to stay fixed.
> 
> 2) I want to firewall off the UMLs to prevent UML users doing nasty
> things to the rest of the subnet e.g. setting up a DHCP server that
> would be in competition with the real one.
> 
> I have created 2 bridges on the host: One to hang the UMLs off and the
> other to act as a bridging firewall, but I can't figure out how to
> connect the bridges together.
> I have a TUN interface added to each: one is called "fw-output" - the
> "private side" interface on the bridging firewall, and one on the
> bridge the UMLs hang off, called "uplink".
> 
> Does anyone know how to get network traffic to pass between fw-output
> and uplink? (Or a better way of solving this problem ;-)

What's the matter with just using routing to get traffic where it's going?

Alternatively, bridge everything together, and use iptables/ebtables to 
throw out packets that the UMLs shouldn't be sending/receiving.

                                Jeff
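
The second suggestion above (one bridge, with ebtables discarding what the UMLs should not send), sketched as an added example that is not part of the original thread. The tap device names and the 192.0.2.0/24 addresses are constructed assumptions; the function only prints the rules so they can be reviewed before being piped to `sh` as root.

```shell
#!/bin/sh
# Added example: print ebtables rules for a single bridge that carries both
# the uplink NIC and the UML tap devices. Nothing is applied here.
# Assumed (constructed) names: taps uml-tap0/uml-tap1, addresses in 192.0.2.0/24.

uml_filter_rules() {
    # Each argument is TAP=IPV4: the fixed address assigned to that UML.
    for pair in "$@"; do
        case "$pair" in
            *=*) ;;
            *) echo "bad argument (want TAP=IP): $pair" >&2; return 1 ;;
        esac
        tap=${pair%%=*}
        ip=${pair#*=}
        case "$ip" in
            ""|*[!0-9.]*) echo "bad IPv4 address: $ip" >&2; return 1 ;;
        esac
        # INPUT sees frames addressed to the host itself, FORWARD sees frames
        # bridged on to the rest of the subnet; filter both.
        for chain in INPUT FORWARD; do
            # A UML must never answer as a DHCP server (UDP source port 67).
            echo "ebtables -A $chain -i $tap -p IPv4 --ip-proto udp --ip-sport 67 -j DROP"
            # Only the assigned source address may leave this tap, in IPv4 and ARP.
            echo "ebtables -A $chain -i $tap -p IPv4 --ip-src $ip -j ACCEPT"
            echo "ebtables -A $chain -i $tap -p ARP --arp-ip-src $ip -j ACCEPT"
            # Anything else from this tap (spoofed sources, other protocols) is dropped.
            echo "ebtables -A $chain -i $tap -j DROP"
        done
    done
}

# Constructed sample: two UMLs with fixed addresses.
uml_filter_rules uml-tap0=192.0.2.10 uml-tap1=192.0.2.11
```

The DHCP drop comes before the per-address ACCEPT on purpose: a UML using its correct address would otherwise still be able to answer DHCP requests.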


_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
