Mailinglist Archive: opensuse-security (261 mails)
| < Previous | Next > |
Re: [suse-security] Bridging Firewall with traffic-shaping
- From: "Backhausen, Sven" <sbackhausen@xxxxxxx>
- Date: Mon, 5 Apr 2004 08:29:55 +0200
- Message-id: <A7859322-86CA-11D8-A931-000A95CCE532@xxxxxxx>
Am 01.04.2004 um 11:01 schrieb Guido Tschakert:
To use linux kernel 2.4.x as a filtering bridge you need the bridge-nf patch applied to the kernel wich isnĀ“t included in SuSEs kernels afaik. You also need an uptodate version of iptables with some of the patch-o-matic patches applied and the bridge-utils. Patching/recompiling SuSEs kernels is a mess, I gave up after a few hours and took debian stable. The box is rock solid and a fine firewalling, shaping and accounting bridge.
sematin@xxxxxxxxx wrote:...
Theoretically you should be able to setup a SUSE box as a bridge and then use
CBQ or some other mechanism to regulate bandwidth. I've only done this with
FreeBSD using dummynet for bandwdith control and it was a breeze to setup
using the docs from their handbook. However I have used CBQ on linux to
control bandwidth.
I have looked at http://bridge.sourceforge.net downloaded the bridge-utils-rpm and try to configure a bridge with brctl which is very easy ;-)
Stupidly the kernel hangs after ifconfig mybridge up and sending the first frames :-(
I think I will wait now for SuSE 9.1 with kernel 2.6.x.
To use linux kernel 2.4.x as a filtering bridge you need the bridge-nf patch applied to the kernel wich isnĀ“t included in SuSEs kernels afaik. You also need an uptodate version of iptables with some of the patch-o-matic patches applied and the bridge-utils. Patching/recompiling SuSEs kernels is a mess, I gave up after a few hours and took debian stable. The box is rock solid and a fine firewalling, shaping and accounting bridge.
| < Previous | Next > |