Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:firewall:fw3_configurations:bridge [2023/09/17 22:54] – add vgaetera | docs:guide-user:firewall:fw3_configurations:bridge [2023/10/14 05:41] – use service invocation vgaetera | ||
|---|---|---|---|
| Line 11: | Line 11: | ||
| ===== Command-line instructions ===== | ===== Command-line instructions ===== | ||
| + | Assuming a setup with bridged LAN and WAN interfaces. | ||
| Install the required packages. | Install the required packages. | ||
| Enable bridge firewall intercepting DNS queries and filtering transit traffic from '' | Enable bridge firewall intercepting DNS queries and filtering transit traffic from '' | ||
| Line 30: | Line 31: | ||
| nft flush table bridge filter | nft flush table bridge filter | ||
| nft add chain bridge filter prerouting \ | nft add chain bridge filter prerouting \ | ||
| - | { type filter hook prerouting priority | + | { type filter hook prerouting priority |
| nft add rule bridge filter prerouting meta \ | nft add rule bridge filter prerouting meta \ | ||
| l4proto { tcp, udp } th dport 53 pkttype set host \ | l4proto { tcp, udp } th dport 53 pkttype set host \ | ||
| ether daddr set " | ether daddr set " | ||
| nft add chain bridge filter forward \ | nft add chain bridge filter forward \ | ||
| - | { type filter hook forward priority | + | { type filter hook forward priority |
| nft add rule bridge filter forward iifname " | nft add rule bridge filter forward iifname " | ||
| oifname " | oifname " | ||
| Line 43: | Line 44: | ||
| uci set firewall.bridge.path="/ | uci set firewall.bridge.path="/ | ||
| uci commit firewall | uci commit firewall | ||
| - | / | + | service |
| </ | </ | ||
| Line 56: | Line 57: | ||
| <code bash> | <code bash> | ||
| # Log and status | # Log and status | ||
| - | / | + | service |
| # Runtime configuration | # Runtime configuration | ||