Welcome to the IPFire Wiki

Combine green and blue to form one logical network

If all you wish to do is allow traffic to pass back and forth between the Blue and Green networks, that can be accomplished by adding an ALLOW firewall rule with the source as the BLUE network and the destination as the GREEN network.

Introduction:

This solution was taken from a forum post and adapted a little for the intended use. My thanks for the help go to Michael Tremer, Maniacikarus and Arne F!

This guide requires a functioning configuration with three network segments (green, blue, red). Furthermore, it is assumed that the WLAN is assigned to the blue zone and that the additional package hostapd is installed and set up.

Note: Implementing this configuration will disable the MAC address filter on the Blue network!

Note: Do not forget to deactivate the DHCP server on the blue interface!

Configuration:

To combine the interfaces green0 and blue0 into a bridge at boot time, we first create the file
/etc/init.d/bridge.

touch /etc/init.d/bridge

and fill the script with the following content.

filename = /etc/init.d/bridge

#!/bin/sh
########################################################################
# Begin $rc_base/init.d/bridge
#
# Description : Script to use more than one NIC as green net
#
# Authors     : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version     : 01.00
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
    start)
        boot_mesg "Create bridge for green net..."
        # down green0
        ip link set green0 down
        # rename green0 to green1
        ip link set green0 name green1
        # create new bridge green0
        brctl addbr green0
        # wait 2 seconds because udev tries to rename the NICs
        # if the real green NIC is added too fast...
        sleep 2
        # Add real green NIC
        brctl addif green0 green1
        # Add other NICs here ...
        brctl addif green0 blue0
        # brctl addif green0 eth1
        # Bring NICs up
        ip link set green1 up
        #ip link set wlan0 up
        #ip link set eth1 up
        ;;

    stop)
        boot_mesg "Remove bridge for green net......"
        # Bring NICs down
        ip link set green1 down
        #ip link set eth1 down
        #ip link set wlan0 down
        # Bring bridge down
        ip link set green0 down
        # Delete bridge
        brctl delbr green0
        # rename green1 to green0
        ip link set green1 name green0
        ;;
    *)
        echo "Usage: ${0} {start|stop}"
        exit 1
        ;;
esac

# End $rc_base/init.d/bridge

At boot time the script is started via symlinks in /etc/rc.d/rc3.d/.

The number after the "S" determines the sequence in which the scripts are started.

Since the script needs to be started before Sxxnetwork and after Sxxhostap, the symlink is named S19bridge.

Therefore we run the following command.

ln -s /etc/init.d/bridge /etc/rc.d/rc3.d/S19bridge

To stop the service, create the analogous Kxx symlinks in the directories /etc/rc.d/rc0.d/ and /etc/rc.d/rc6.d/:

ln -s /etc/init.d/bridge /etc/rc.d/rc0.d/K82bridge
ln -s /etc/init.d/bridge /etc/rc.d/rc6.d/K82bridge

To be able to use /etc/init.d/bridge it needs to be executable. To make the script executable use the following command:

chmod 754 /etc/init.d/bridge

That's all! Now green and blue are combined into one logical network.
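
To confirm the result after a reboot, the following added example (not part of the original wiki page or of IPFire) audits the steps above: script permissions, the S19/K82 symlinks, the start order in rc3.d, and which ports the kernel reports as attached to green0. The function name audit_bridge, the optional root-prefix argument and the matching of "network" and "hostap*" as service names are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit the bridge installation described in this guide.
# Usage: audit_bridge            (live system)
#        audit_bridge /some/copy (root prefix, an assumption made for testing)
audit_bridge() {
    root="${1:-}"
    script="$root/etc/init.d/bridge"
    rc=0
    fail() { echo "FAIL: $*"; rc=1; }

    # The script runs as root at boot: it must be executable and must not
    # be writable by "other" (chmod 754 satisfies both).
    if [ ! -x "$script" ]; then
        fail "$script is missing or not executable"
    elif [ -n "$(find "$script" -perm -0002)" ]; then
        fail "$script is world-writable"
    fi

    # The start/stop symlinks from the guide must resolve to the script.
    for link in rc3.d/S19bridge rc0.d/K82bridge rc6.d/K82bridge; do
        path="$root/etc/rc.d/$link"
        { [ -L "$path" ] && [ "$path" -ef "$script" ]; } ||
            fail "$path is not a symlink to $script"
    done

    # Ordering in rc3.d: hostap* before S19bridge, network after it.
    for f in "$root"/etc/rc.d/rc3.d/S[0-9][0-9]*; do
        [ -L "$f" ] || [ -e "$f" ] || continue
        name=${f##*/}; rest=${name#S}; svc=${rest#??}
        num=${rest%"$svc"}; num=${num#0}
        case "$svc" in
            network) [ "$num" -gt 19 ] || fail "$name starts before the bridge" ;;
            hostap*) [ "$num" -lt 19 ] || fail "$name starts after the bridge" ;;
        esac
    done

    # Bridge ports as the kernel reports them: only green1 and blue0 are
    # expected; anything else has been pulled into the green zone as well.
    brif="$root/sys/class/net/green0/brif"
    if [ -d "$brif" ]; then
        for want in green1 blue0; do
            [ -e "$brif/$want" ] || fail "$want is not a port of green0"
        done
        for port in "$brif"/*; do
            case "${port##*/}" in green1|blue0|'*') ;; *) fail "unexpected port ${port##*/}" ;; esac
        done
    fi
    return "$rc"
}
```

The function prints one FAIL line per problem and returns non-zero if any check failed; if you uncomment additional brctl addif lines in the script, extend the list of expected ports accordingly.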

For this wiki the IPFire team would like to say thanks to WhyTea.

Older Revisions • August 13 at 12:54 am • Jon Murphy