wiki.ipfire.org

The community-maintained documentation platform of IPFire


Combine green and blue to form one logical network

These instructions combine the Green and Blue zones into one logical network. This is a non-standard configuration and could cause conflicts with other portions of the system.

If all you wish to do is allow traffic to pass back and forth between the Blue and Green networks, that can be accomplished by adding an ALLOW firewall rule with the source as the BLUE network and the destination as the GREEN network.

Introduction:

This solution was taken from a forum post and adapted a little for the intended use. My thanks for the help go to MichaelTremer, Maniacikarus and Arne.F!

This guide requires a functioning configuration with three network segments (green, blue, red). Furthermore, it is assumed that the WLAN is assigned to the blue zone and that the additional package hostapd is installed and set up.

Implementing this configuration will disable the MAC address filter on the Blue network!

Do not forget to deactivate the DHCP server on the blue interface!

Configuration:

To combine the interfaces green0 and blue0 into a bridge at boot time, we first create the file /etc/init.d/bridge

touch /etc/init.d/bridge

and fill the script with the following content.

File: /etc/init.d/bridge
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/bridge
#
# Description : Script to use more than one NIC as green net
#
# Authors     : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version     : 01.00
#
# Notes       :
#
########################################################################
 
. /etc/sysconfig/rc
. ${rc_functions}
 
case "${1}" in
	start)
		boot_mesg "Create bridge for green net..."
		# down green0
		ip link set green0 down
		# rename green0 to green1
		ip link set green0 name green1
		# create new bridge green0
		brctl addbr green0
		# wait 2 seconds because udev tries to rename the NICs
		# if the real green NIC is added too fast...
		sleep 2
		# Add real green nic
		brctl addif green0 green1
		# Add other nic's here ...
		brctl addif green0 blue0
		# brctl addif green0 eth1
		# Bring nic's up
		ip link set green1 up
		#ip link set wlan0 up
		#ip link set eth1 up
		;;
 
	stop)
		boot_mesg "Remove bridge for green net......"
		# Bring nic's down
		ip link set green1 down
		#ip link set eth1 down
		#ip link set wlan0 down
		# Bring bridge down
		ip link set green0 down
		# Delete Bridge
		brctl delbr green0
		# rename green1 to green0
		ip link set green1 name green0
		;;
	*)
		echo "Usage: ${0} {start|stop}"
		exit 1
		;;
esac
 
# End $rc_base/init.d/bridge 

At boot time the script is started via symlinks in /etc/rc.d/rc3.d/ .

The number after the “S” determines the order in which the scripts are started.

Since the script needs to be started before Sxxnetwork and after Sxxhostap , the symlink is named S19bridge .

To create it, run the following command.

ln -s /etc/init.d/bridge /etc/rc.d/rc3.d/S19bridge

To stop the service, create the analogous Kxx symlinks in the directories /etc/rc.d/rc0.d/ and /etc/rc.d/rc6.d/ :

ln -s /etc/init.d/bridge /etc/rc.d/rc0.d/K82bridge
ln -s /etc/init.d/bridge /etc/rc.d/rc6.d/K82bridge

To be able to use /etc/init.d/bridge it needs to be executable. To make the script executable use the following command:

chmod 754 /etc/init.d/bridge

That's all! Now green and blue are combined into one logical network.
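To confirm the result after a reboot, the following added example (not part of the original wiki page or of IPFire itself) checks that green0 really is a bridge containing green1 and blue0, and that the bridge start link sorts after the hostap link and before the network link. The SYSFS_NET variable and the function names are assumptions of this example; the directories default to the real locations.

```shell
#!/bin/sh
# Added example: post-change checks for the bridge setup described above.
# SYSFS_NET and the function names are assumptions of this example.

# bridge_has_members BRIDGE PORT...
# Returns 0 only if BRIDGE is a bridge device and every PORT is attached to it.
bridge_has_members() {
    sysfs="${SYSFS_NET:-/sys/class/net}"
    br="$1"; shift
    # The kernel exposes a "bridge" directory only for bridge devices
    if [ ! -d "$sysfs/$br/bridge" ]; then
        echo "$br is not a bridge" >&2; return 1
    fi
    for port in "$@"; do
        # Every attached interface has an entry under <bridge>/brif/
        if [ ! -e "$sysfs/$br/brif/$port" ]; then
            echo "$port is not a port of $br" >&2; return 1
        fi
    done
    return 0
}

# start_order_ok [DIR]
# Returns 0 if the bridge link sorts before the network link and, when a
# hostap* link exists, after it. Links run in sorted name order.
start_order_ok() {
    dir="${1:-/etc/rc.d/rc3.d}"
    LC_ALL=C ls "$dir" | awk '
        /^S[0-9]+hostap/   { h = NR }
        /^S[0-9]+bridge$/  { b = NR }
        /^S[0-9]+network$/ { n = NR }
        END { exit !(b && n && b < n && (!h || h < b)) }'
}

# Run both checks against the live system: sh thisfile check
if [ "${1:-}" = "check" ]; then
    bridge_has_members green0 green1 blue0 && start_order_ok \
        && echo "bridge OK" || { echo "bridge check FAILED" >&2; exit 1; }
fi
```

A failed membership check means blue0 is still a separate zone interface, so the system is not in the state this guide describes.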

For this wiki the IPFire team would like to say thanks to WhyTea.

en/configuration/network/bridge-green-blue.txt · Last modified: 2014/08/05 15:40 by trymes