Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Combine green and blue to form one logical network

Note!
If all you wish to do is allow traffic to pass back and forth between the Blue and Green networks, that can be accomplished by adding an ALLOW firewall rule with the source as the BLUE network and the destination as the GREEN network.

Introduction:

This solution was taken from a forum post and adapted a little bit for the intended use. My thanks for help goes to Michael Tremer, Maniacikarus and Arne F!

This guide required a functioning configuration with three network segments (green, blue, red). Furthermore, it is assumed that the WLAN is assigned to the blue zone and the additional package hostapd is installed and setup.

Note!
Implementing this configuration will disable the MAC address filter on the Blue network!
Do not forget to deactivate the DHCP-server on the blue-interface!

Configuration:

To combine the interfaces green0 and blue0 to a bridge while starting time, we create first the file
/etc/init.d/bridge.

touch /etc/init.d/bridge

and fill up the script with the following content.

filename = /etc/init.d/bridge

#!/bin/sh
########################################################################
# Begin $rc_base/init.d/bridge
#
# Description : Skript to use more than one NIC's as green net
#
# Authors     : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version     : 01.00
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
    start)
boot_mesg "Create bridge for green net..."
# down green0
ip link set green0 down
# rename green0 to green1
ip link set green0 name green1
# create new bridge green0
brctl addbr green0
# wait 2 seconds because udev try to rename the nics
# if the real green nic was added to fast...
sleep 2
# Add real green nic
brctl addif green0 green1
# Add other nic's here ...
brctl addif green0 blue0
# brctl addif green0 eth1
# Bring nic's up
ip link set green1 up
#ip link set wlan0 up
#ip link set eth1 up
;;

    stop)
boot_mesg "Remove bridge for green net......"
# Bring nic's down
ip link set green1 down
#ip link set eth1 down
#ip link set wlan0 down
# Bring bridge down
ip link set green0 down
# Delete Bridge
brctl delbr green0
# rename green1 to green0
ip link set green1 name green0
;;
    *)
echo "Usage: ${0} {start|stop}"
exit 1
;;
esac

# End $rc_base/init.d/bridge

On boot time the script will be started over symlinks in /etc/rc.d/rc3.d/.

The number behind the "S" determines in which sequence the scripts will be started.

Since the script needs to be started before Sxxnetwork and after Sxxhostap , the symlink are named S19bridge .

Therefor we drop the following commands.

ln -s /etc/init.d/bridge /etc/rc.d/rc3.d/S19bridge

To stop the services analog in the directories /etc/rc.d/rc0.d/ and /etc/rc.d/rc6.d/ with the Kxx symlinks,

ln -s /etc/init.d/bridge /etc/rc.d/rc0.d/K82bridge
ln -s /etc/init.d/bridge /etc/rc.d/rc6.d/K82bridge

To be able to use /etc/init.d/bridge it needs to be executable. To make the script executable use the following command:

chmod 754 /etc/init.d/bridge

Thats all! Now green and blue are combined to one logical network.

For this wiki the IPFire team would like to say thanks to WhyTea.

Edit Page ‐ Yes, you can edit!

Older Revisions • September 4 at 5:18 pm • Jon