Difference between revisions of "Bridge Firewall Linux"
From MS Computech
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Bridge Firewall Linux | Bridge Firewall Linux | ||
| − | + | ผมใช้วิธีนี้ติดตั้งบน Debian 7 8 9 | |
| − | <pre># apt-get install bridge-utils | + | <pre># apt-get install bridge-utils</pre> |
| − | + | Edit Config ใน '''/etc/rc.local''' | |
| − | + | <pre> | |
| − | + | nano /etc/rc.local | |
| − | + | </pre> | |
| − | + | <pre> | |
| − | + | # Bridge Interface | |
| − | |||
| − | |||
| − | | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | <pre> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | ifconfig eth0 down | ||
| + | ifconfig eth1 down | ||
| + | brctl addbr br0 | ||
| + | brctl addif br0 eth0 | ||
| + | brctl addif br0 eth1 | ||
| + | brctl stp br0 on | ||
| + | ifconfig eth0 0.0.0.0 up | ||
| + | ifconfig eth1 0.0.0.0 up | ||
| + | ifconfig br0 192.168.1.107 netmask 255.255.255.0 up | ||
| + | route add default gw 192.168.1.1 | ||
| + | </pre> | ||
| + | Enable kernel 4.9 bridge filter หากไม่ทำการโหลดโมดูล Bridge จะเป็นแค่ Layer 2 Switch ไม่สามารถ Filter ข้อมูลได้ | ||
| + | <pre> | ||
| + | modprobe br_netfilter | ||
| + | depmod -a | ||
| + | echo 1 > /proc/sys/net/ipv4/ip_forward | ||
</pre> | </pre> | ||
Latest revision as of 19:27, 16 March 2019
Bridge Firewall Linux
ผมใช้วิธีนี้ติดตั้งบน Debian 7 8 9
# apt-get install bridge-utils
Edit Config ใน /etc/rc.local
nano /etc/rc.local
# Bridge Interface ifconfig eth0 down ifconfig eth1 down brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 on ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 192.168.1.107 netmask 255.255.255.0 up route add default gw 192.168.1.1
Enable kernel 4.9 bridge filter หากไม่ทำการโหลดโมดูล Bridge จะเป็นแค่ Layer 2 Switch ไม่สามารถ Filter ข้อมูลได้
modprobe br_netfilter depmod -a echo 1 > /proc/sys/net/ipv4/ip_forward
