5. Preparing The Bridge
This section describes what you need and how you do to prepare your bridge.
5.1. Get The Files
Here you can find a list of the files and down-loads you will need for the setup of the bridge. If you have one of the mentioned files or packages on your distribution, of course there is no need to create network load.
I'll only mention the files for the 2.2.14 kernel. If you want to try a different one (e.g. 2.2.15 or the recent development kernel) just replace the kernel version number and look whether you find it.
Important: You have read the abstract, didn't you? So you know that there is no need to download any kernel-patch if you're working with a kernel later than 2.3.47.
File and package list
- Unpatched kernel-sources
E.g. linux-2.2.14.tar.bz2 available from your local kernel.org mirror. Please check first if you find it in your distribution (take unpatched kernel-sources). If you don't, please check The Linux Kernel Archive Mirror System for a close by mirror and down-load it from there.
- Bridge patches
Note: If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version.
Get the bridge kernel patches for your kernel version from http://www.math.leidenuniv.nl/~buytenh/bridge/. Identify the file by the kernel number.
Note: There are also patches allowing to work with IP chains. I never tried it, for I don't see the need to fire-wall inside my LAN, and absolutely no need to bridge against the outer world. Feel free to contribute about that issue.
Kernel patches for the stable 2.2 kernel.
Available Kernel patches
- bridge-0.0.9-against-2.2.18.diff, the main kernel patch against 2.2.18
http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.9-against-2.2.18.diff
- bridge-ipchains-against-0.0.9-against-2.2.18.diff, an add-on patch for bridge firewalling against 2.2.18
- bridge-0.0.8-against-2.2.18pre19.diff, the main kernel patch against 2.2.18pre19.
http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.8-against-2.2.18pre19.diff
- bridge-0.0.8-against-2.2.17-0.5.diff, the main kernel patch against 2.2.17-0.5
http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.8-against-2.2.17-0.5.diff
- bridge-ipchains-against-0.0.8-against-2.2.18pre19.diff, an add-on patch for bridge firewalling against 2.2.18pre19
- bridge-ipchains-against-0.0.8-against-2.2.17-0.5.diff, an add-on patch for bridge firewalling against 2.2.17-0.5
- bridge-0.0.7-against-2.2.18pre15.diff, the main kernel patch against 2.2.18pre15
http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.7-against-2.2.18pre15.diff
- bridge-ipchains-against-0.0.7-against-2.2.18pre15.diff, an add-on patch for bridge firewalling against 2.2.18pre15
- bridge-0.0.7-against-2.2.17.diff, the main kernel patch against 2.2.17
http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.7-against-2.2.17.diff
- bridge-ipchains-against-0.0.7-against-2.2.17.diff, an add-on patch for bridge firewalling against 2.2.17
- Bridge configuration utilities
You also will need the bridge configuration utilities to set up the bridge Section 6. You can also download them from http://www.math.leidenuniv.nl/~buytenh/bridge/.
5.2. Apply The Patches
Note: If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version.
Apply the bridging patch your kernel. If you don`t know how to do that read the Kernel-HOWTO which can be found in your distribution or at http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html
5.3. Configure The Kernel
Now it's time we configure our freshly patched kernel to create the ability to bridge.
Run make config, make menuconfig or the click-o-rama make xconfig. Select bridging in the networking option section to be compiled as a module. AFAIK there is no strong reason why not to compile it as a kernel module, whereas I heard rumors about problems with compiling the bridging code directly into the kernel.
5.4. Compile The Kernel
Compile your kernel Example 2. Make the new compiled kernel-image to be loaded. I don't know if the kernel patches only apply to the bridging-module or also modify some interfaces inside vmlinuz. So it might not be a error to give a reboot after you updated the kernel-image.
5.5. Compile The Bridge Utilities
This is how to compile and install from the scratch. Just unzip the utilities-tarball, cd into the newly created directory and give a make.
Example 3. Commands To Compile Your Bridge-Utilities
root@mbb-1:/usr/src/linux-2.2.14 # cd /usr/local/src root@mbb-1:/usr/local/src/ # tar xzvf bridge-utils-0.9.1.tar.gz ..... .... root@mbb-1:/usr/local/src # cd bridge root@mbb-1:/usr/local/src/bridge # make ..... .... |
After the compilation shown in Example 3 have worked properly, you can copy the executables to let's say /usr/local/sbin/ (at least I did). So the commands you have to give should be clear, but to be complete see Example 4
Example 4. Copy The Binaries Of The Utilities
root@mbb-1:/usr/local/src/bridge # cd brctl root@mbb-1:/usr/local/src/bridge/brctl # cp brctl /usr/local/sbin root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/local/sbin/brctl root@mbb-1:/usr/local/src/bridge/brctl # cp brctld /usr/local/sbin root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/local/sbin/brctld |
Also now you can copy the new man-page to a decent place, as shown in Example 5.