Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Differences in Revisions: Combine green and blue to form one logical network

fix code blocks
# Combine green and blue to form one logical network
 
 
If all you wish to do is allow traffic to pass back and forth between the Blue and Green networks, that can be accomplished by adding an ALLOW firewall rule with the source as the BLUE network and the destination as the GREEN network.</WRAP>
 
### Introduction:
 
This solution was taken from a forum post and adapted a little bit for the intended use. My thanks for help goes to [MichaelTremer](http://forum.ipfire.org/index.php?action=profile;u=3), [Maniacikarus](http://forum.ipfire.org/index.php?action=profile;u=50) and [Arne.F](http://forum.ipfire.org/index.php?action=profile;u=92)!
## Introduction:
This solution was taken from a forum post and adapted a little bit for the intended use. My thanks for help goes to Michael Tremer, Maniacikarus and Arne F!
 
This guide required a functioning configuration with three network segments (green, blue, red). Furthermore, it is assumed that the WLAN is assigned to the blue zone and the additional package [hostapd](/addons/wireless) is installed and setup.
 
<WRAP center round 80% danger>Implementing this configuration will disable the MAC address filter on the Blue network!</WRAP>
**Note:** Implementing this configuration will disable the MAC address filter on the Blue network!
 
<WRAP center round 80% important>Do not forget to deactivate the DHCP-server on the blue-interface!</WRAP>
**Note:** Do not forget to deactivate the DHCP-server on the blue-interface!
 
### Configuration:
 
## Configuration:
To combine the interfaces green0 and blue0 to a bridge while starting time, we create first the file **/etc/init.d/bridge**
To combine the interfaces green0 and blue0 to a bridge while starting time, we create first the file
`/etc/init.d/bridge`.
 
```text
`touch /etc/init.d/bridge`
touch /etc/init.d/bridge
```
 
and fill up the script with the following content.
 
<file bash File: /etc/init.d/bridge>
filename = /etc/init.d/bridge
```text
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/bridge
#
# Description : Skript to use more than one NIC's as green net
#
# Authors : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version : 01.00
#
# Notes :
#
########################################################################
 
. /etc/sysconfig/rc
. ${rc_functions}
 
case "${1}" in
start)
`boot_mesg "Create bridge for green net..."`
`# down green0`
`ip link set green0 down`
`# rename green0 to green1`
`ip link set green0 name green1`
`# create new bridge green0`
`brctl addbr green0`
`# wait 2 seconds because udev try to rename the nics`
`# if the real green nic was added to fast...`
`sleep 2`
`# Add real green nic`
`brctl addif green0 green1`
`# Add other nic's here ...`
`brctl addif green0 blue0`
`# brctl addif green0 eth1`
`# Bring nic's up`
`ip link set green1 up`
`#ip link set wlan0 up`
`#ip link set eth1 up`
`;;`
 
stop)
`boot_mesg "Remove bridge for green net......"`
`# Bring nic's down`
`ip link set green1 down`
`#ip link set eth1 down`
`#ip link set wlan0 down`
`# Bring bridge down`
`ip link set green0 down`
`# Delete Bridge`
`brctl delbr green0`
`# rename green1 to green0`
`ip link set green1 name green0`
`;;`
*)
`echo "Usage: ${0} {start|stop}"`
`exit 1`
`;;`
esac
 
# End $rc_base/init.d/bridge
</file>
```
 
On boot time the script will be started over symlinks in **/etc/rc.d/rc3.d/** .
On boot time the script will be started over symlinks in `/etc/rc.d/rc3.d/`.
 
The number behind the "S" determines in which sequence the scripts will be started.
 
Since the script needs to be started before **Sxxnetwork** and after **Sxxhostap** , the symlink are named **S19bridge** .
 
Therefor we drop the following commands.
 
```text
`ln -s /etc/init.d/bridge /etc/rc.d/rc3.d/S19bridge`
ln -s /etc/init.d/bridge /etc/rc.d/rc3.d/S19bridge
```
 
To stop the services analog in the directories **/etc/rc.d/rc0.d/** and **/etc/rc.d/rc6.d/** with the Kxx symlinks,
 
```
```text
ln -s /etc/init.d/bridge /etc/rc.d/rc0.d/K82bridge
ln -s /etc/init.d/bridge /etc/rc.d/rc6.d/K82bridge
```
 
To be able to use /etc/init.d/bridge it needs to be executable. To make the script executable use the following command:
 
```text
`chmod 754 /etc/init.d/bridge`
chmod 754 /etc/init.d/bridge
```
 
Thats all! Now green and blue are combined to one logical network.
 
 
For this wiki the IPFire team would like to say thanks to WhyTea.