path: root/docs
diff options
authorBart De Schuymer <>2003-03-03 11:42:22 +0000
committerBart De Schuymer <>2003-03-03 11:42:22 +0000
commitb713d415a9574e590afa23fc7ac987a0a14149b4 (patch)
treedf1df5bebac6e7e8a0e0b06900cf454ede8ab1b5 /docs
parentc85e9ba621aacc0d96a648b0f366c13ad8fbc0cc (diff)
added an entry, updated the links (pointing at the new sourceforge hp)
Diffstat (limited to 'docs')
1 files changed, 45 insertions, 13 deletions
diff --git a/docs/ebtables-faq.html b/docs/ebtables-faq.html
index 1e7ab97..5129b35 100644
--- a/docs/ebtables-faq.html
+++ b/docs/ebtables-faq.html
@@ -18,12 +18,14 @@
<H1>Ebtables (Ethernet Bridge Tables) Frequently Asked Questions</H1>
<A name="top"></A>
+ <P>Last modified: March 3, 2003</P>
<LI><A href="#quiz0">Intro</A></LI>
<LI><A href="#quiz1">Installation</A></LI>
<LI><A href="#quiz2">Usage</A></LI>
- <LI><A href="#quiz3">Other</A></LI>
+ <LI><A href="#quiz3">Problems</A></LI>
+ <LI><A href="#quiz4">Other</A></LI>
@@ -54,10 +56,9 @@
want to use a 2.5.x (or above) kernel, then just use the latest
and greatest kernel version. You won't have to patch the kernel.
Check out the submitted kernel patches, available through the
- <A href="">
- sourcecode</A> section of the ebtables <A href="">
- homepage</A> to see if there have been patches applied in later
- kernel versions than the one you are using.</DD>
+ <A href="">
+ sourcecode</A> section of the ebtables <A href="">
+ homepage</A> to see if there are any pending patches.</DD>
<DD>If you want to use a 2.4.x kernel, then go to
<A href="">Ethernet bridge
tables</A> and download the <B>br_nf_bds</B>, <B>ebtables_kernel</B>
@@ -127,13 +128,13 @@
<DT>Can I filter on ARP packets in the Linux bridge box using
<DD>Yes, it's possible to filter on the ARP header, using ebtables.
- See the <A href="ebtables.8.html">ebtables manual page</A> for
+ See the <A href="">ebtables manual page</A> for
<DT>Can I use ebtables with iptables? Are there any problems to
use it together? How exactly the packet/frame traversing the ebtables/iptables?</DT>
<DD>Yes, it's possible to use ebtables with iptables. Detailed
info about ebtables/iptables interaction is explained at the
- <A href="">
+ <A href="">
"ebtables/iptables interaction on a Linux-based bridge"</A> page.</DD>
<DT>Does ebtables keep count statistics?</DT>
@@ -164,7 +165,7 @@
<DD>The ebtables PREROUTING chain is only traversed when the bridge code is deciding what
to do with the frame. So, if a BROUTING chain rule decided the frame should be routed, then
the ebtables PREROUTING chain won't see it. See the
- <A href="">
+ <A href="">
"ebtables/iptables interaction on a Linux-based bridge"</A> page for the details.</DD>
<DT>I'm using a 2.5.x or higher kernel and my iptables rules won't match on the bridge port
devices, what's wrong?</DT>
@@ -215,10 +216,41 @@ ebtables2/kernel/scripts/CopyRep2.5
<A class=navbar href="#top">[Back to the top]</A>
- <HR>
+ <HR>
+ </LI>
+ <LI>
+ <B><A name="quiz3">Problems</A></B><BR>
+ <DL>
+ <DT>This stuff isn't working on my 64-bit machine with a 32-bit userspace (like the Sparc64)</DT>
+ <DD>We know. It's kind of hard to fix this without access to such a machine. The problem is caused by the
+ different word length between kernel and userspace.</DD>
+ <DT>I'm getting this message when doing IP DNAT: ``Performing cross-bridge DNAT requires IP
+ forwarding to be enabled''</DT>
+ <DD>First make sure IP forwarding is enabled:
+# echo '1' > /proc/sys/net/ipv4/ip_forward
+ If that's the case and the message doesn't go away, make sure your routing table has all necessary
+ entries. For example, suppose we want to DNAT traffic on a bridge device that doesn't have an IP address to
+ an IP address somewhere on the Internet.
+eth0 = connection to Internet
+br0 = eth1+eth2
+br0 has no IP address
+iptables -t nat -A PREROUTING -s -d -j DNAT --to-dest &lt;destination&gt;
+route -A -net netmask dev br0
+ is on the eth1 side, .4 on the eth2 side, the &lt;destination&gt; is somewhere on the Internet.
+ Without the routing table entry (last line above), it is obvious that this DNAT wouldn't work (because the bridge/router
+ wouldn't know where to send 172.16.1.xx traffic). It is possible that the mentioned
+ error message gets printed on the screen or in your logs when this routing table entry is omitted.
+ </DD>
+ </DL>
+ <BR>
+ <A class=navbar href="#top">[Back to the top]</A>
- <B><A name="quiz3">Other</A></B><BR>
+ <B><A name="quiz4">Other</A></B><BR>
<DT>I'm not a Linux system's programmer, but I need a feature, which
is not (yet) implemented in ebtables. What should I do?</DT>
@@ -227,13 +259,13 @@ ebtables2/kernel/scripts/CopyRep2.5
your wanted feature to this mailing list.</DD>
<DT>I'm a C programmer and I want to add an ebtables feature by
myself. Where should I begin?</DT>
- <DD>Subscribe to the <A href=
+ <DD>Subscribe to the <A href=
developers mail list</A>. Read the <A href=
- "ebtables-hacking-HOWTO.html">"Ebtables Hacking HOWTO"</A> and
+ "">"Ebtables Hacking HOWTO"</A> and
have a look at the already implemented modules. You will find that
adding a module is not very hard. Additional information is available
- at the ebtables <A href="">
+ at the ebtables <A href="">