[Techtalk] problem with wireless/LAN router
Carla Schroder
carla at bratgrrl.com
Wed Jan 17 23:51:40 UTC 2007
On Wednesday 17 January 2007 11:52, Kai MacTane wrote:
> At 09:05 AM 1/17/2007, Carla Schroder wrote:
> >iptables has these rules:
> >
> >#Enable unrestricted outgoing traffic, incoming
> >#is restricted to locally-initiated sessions only
> >$ipt -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> >$ipt -A FORWARD -i $WAN_IFACE -o $LAN_IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT
> >$ipt -A FORWARD -i $LAN_IFACE -o $WAN_IFACE -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> I see rules that allow LAN > WAN communication, and WAN > LAN if the
> state is right, but nothing for LAN > LAN. Is that the problem?

Eh? My head hurts :) The bridge is supposed to be transparent to the network,
and the bridge IP is supposed to work like the IP on any interface. The only
difference between my new setup and the old one is the bridge and the
Internet router are now all in one box, instead of two separate ones. That
particular ruleset works like a charm with two wired Ethernet ports and the
WAP on a separate box.

Did I mention that the wired hosts can ping each other, but not the wireless
hosts, and vice-versa? And that the problem goes away when I turn off
iptables? So it's either a bug, or I need some weird allow rule that is
special to wireless bridges.

Or.... a third interface?

modem - router - switch - wired LAN
|
wireless
bridge
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
Linux geek and random computer tamer
check out my Linux Cookbook!
http://www.oreilly.com/catalog/linuxckbk/
best book for sysadmins and power users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
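
Kai's question about a missing LAN > LAN rule, worked through as an added example (not part of the original thread): a first-match walk over the quoted FORWARD rules. The interface names, the DROP policy, the extra rule, and the premise that bridged frames reach the FORWARD chain with the bridge as both input and output interface are assumptions, not details from the post.

```shell
#!/bin/sh
# Added illustration: first-match evaluation of the FORWARD rules quoted above.
# Assumptions (not stated in the post): interface names, a default DROP
# policy on FORWARD, and bridged frames being handed to iptables.
WAN_IFACE=eth0   # constructed name
LAN_IFACE=br0    # constructed name; the bridge is assumed to be the LAN side
POLICY=DROP      # assumed chain policy

# One rule per line: in-interface out-interface allowed-states
QUOTED_RULES="$WAN_IFACE $LAN_IFACE ESTABLISHED,RELATED
$LAN_IFACE $WAN_IFACE NEW,ESTABLISHED,RELATED"

# Hypothetical extra rule answering the "LAN > LAN" question
LAN_TO_LAN_RULE="$LAN_IFACE $LAN_IFACE NEW,ESTABLISHED,RELATED"

# forward_verdict RULES IN OUT STATE -> prints ACCEPT or the chain policy
forward_verdict() {
    rules=$1 in_if=$2 out_if=$3 state=$4
    verdict=$POLICY
    while read -r r_in r_out r_states; do
        [ -n "$r_in" ] || continue            # skip blank lines
        [ "$r_in" = "$in_if" ] || continue    # -i must match
        [ "$r_out" = "$out_if" ] || continue  # -o must match
        case ",$r_states," in                 # --state list must contain it
            *",$state,"*) verdict=ACCEPT; break ;;
        esac
    done <<EOF
$rules
EOF
    echo "$verdict"
}

# Constructed sample packets: in-interface, out-interface, conntrack state
for pkt in "$LAN_IFACE $WAN_IFACE NEW" "$WAN_IFACE $LAN_IFACE NEW" \
           "$WAN_IFACE $LAN_IFACE ESTABLISHED" "$LAN_IFACE $LAN_IFACE NEW"; do
    set -- $pkt
    printf '%-5s -> %-5s %-12s quoted rules: %-7s plus LAN>LAN rule: %s\n' \
        "$1" "$2" "$3" \
        "$(forward_verdict "$QUOTED_RULES" "$1" "$2" "$3")" \
        "$(forward_verdict "$QUOTED_RULES
$LAN_TO_LAN_RULE" "$1" "$2" "$3")"
done
```

On a real box, the packet counters in `iptables -L FORWARD -v -n` show which rule, if any, the wireless-to-wired traffic is actually hitting.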