This section describes what you need and how you do to prepare your bridge.
Here you can find a list of the files and down-loads you will need for the setup of the bridge. If you have one of the mentioned files or packages on your distribution, of course there is no need to create network load.
I'll only mention the files for the 2.2.14 kernel. If you want to try a different one (e.g. 2.2.15 or the recent development kernel) just replace the kernel version number and look whether you find it.
File and package list
E.g. linux-2.2.14.tar.bz2 available from your local kernel.org mirror. Please check first if you find it in your distribution (take unpatched kernel-sources). If you don't, please check The Linux Kernel Archive Mirror System for a close by mirror and down-load it from there.
If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version. |
Get the bridge kernel patches for your kernel version from http://www.openrock.net/bridge/. Identify the file by the kernel number.
There are also patches allowing to work with IP chains. I never tried it, for I don't see the need to fire-wall inside my LAN, and absolutely no need to bridge against the outer world. Feel free to contribute about that issue. |
Kernel patches for the stable 2.2 kernel.
You also will need the bridge configuration utilities to set up the bridge Section 5. You can also download them from http://www.openrock.net/bridge/. The current one (as of this writing) is bridge-utils-0.9.1.tar.gz. bridge-utils-0.9.1.tar.gz. If you have a SuSE6.4 system you can also load it as a i386 binary RPM or the source RPM avaliable at (never mind the tcpdump) bridge-utils-0.9.1-1.i386.rpm and bridge-utils-0.9.1-1.src.rpm.
If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version. |
Apply the bridging patch your kernel. If you don`t know how to do that read the Kernel-HOWTO which can be found in your distribution or at http://sunsite.unc.edu/LDP/HOWTO/HOWTO-INDEX.html
Now it's time we configure our freshly patched kernel to create the ability to bridge.
Run make config, make menuconfig or the click-o-rama make xconfig. Select bridging in the networking option section to be compiled as a module. AFAIK there is no strong reason why not to compile it as a kernel module, whereas I heard rumors about problems with compiling the bridging code directly into the kernel.
root@mbb-1:~ # cd /usr/src/linux-2.2.14 root@mbb-1:/usr/src/linux-2.2.14 # make menuconfig . |
Compile your kernel Example 2. Make the new compiled kernel-image to be loaded. I don't know if the kernel patches only apply to the bridging-module or also modify some interfaces inside vmlinuz. So it might not be a error to give a reboot after you updated the kernel-image.
If you downloaded the binary rpm for SuSE6.4 from bridge-utils-0.9.1-1.i386.rpm of course there is no more action necessary than installing it.
This is how to compile and install from the scratch. Just unzip the utilities-tarball, cd into the newly created directory and give a make.
Example 3. Commands To Compile Your Bridge-Utilities
root@mbb-1:/usr/src/linux-2.2.14 # cd /usr/local/src root@mbb-1:/usr/local/src/ # tar xzvf bridge-utils-0.9.1.tar.gz ..... .... root@mbb-1:/usr/local/src # cd bridge root@mbb-1:/usr/local/src/bridge # make ..... .... |
After the compilation shown in Example 3 have worked properly, you can copy the executables to let's say /usr/sbin/ (at least I did). So the commands you have to give should be clear, but to be complete see Example 4
Example 4. Copy The Binaries Of The Utilities
root@mbb-1:/usr/local/src/bridge # cd brctl root@mbb-1:/usr/local/src/bridge/brctl # cp brctl /usr/bin/local root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/bin/local/brctl root@mbb-1:/usr/local/src/bridge/brctl # cp brctld /usr/bin/local root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/bin/local/brctld |
Also now you can copy the new man-page to a decent place, as shown in Example 5.