0

I need to test some daisychain working. but not enough interface.

     internet
        |
    [   eth1  ]
    [     dum3]---
    [         ]  | [dumbr0]
    [     dum4]---
    [   eth2  ]
        |
       pc

so, I want make virutal(dummy) bridge with two dummy interface.

I`m using CentOS 7

ip link add dum3 type dummy
ip link add dum4 type dummy
ifconfig dum3 up
ifconfig dum4 up

brctl addbr dumbr0
brctl addif dum3 dumbr0
brctl addif dum4 dumbr0
ifconfig dumbr0 up

I made done with two dummy interface (dum3, dum4), and bridge (dumbr0)

When my packet come to eth2, then my program will send to dum4

then, it should be comeback to dum3 by dumbr0.

but when check with tcpdump, packet send with dum4, but no packet in dum3.

I checked "ip link show", and dumbr0 is ON

What is problem and I can fix it?

Thanks,

EDIT.

my iptables, ebtables info, i have only this rules

eth1, eth2 is bridge with br0

iptables -t mangle -A FORWARD -p tcp -j DROP
iptables -t mangle -A FORWARD -p udp -j DROP

ebtables -t broute -A BROUTING -p IPv4 --ip-proto tcp -j redirect --redirect-target DROP
ebtables -t broute -A BROUTING -p IPv4 --ip-proto udp -j redirect --redirect-target DROP
hybang
  • 11
  • 2
  • Please add your firewall configuration as shown by `iptables-save` to the question. – Tero Kilkanen Jan 13 '22 at 07:03
  • @Tero Kilkanen I add my iptables, ebtables info – hybang Jan 13 '22 at 09:00
  • The rules are dropping pretty much all packets, so that is why they are not relayed via the bridge. If you don\t want to apply netfilter rules to bridged packets, then you need to disable netfilter calls for bridged packets. – Tero Kilkanen Jan 13 '22 at 14:58

0 Answers0