5. Preparing The Bridge

This section describes what you need and how you do to prepare your bridge.

5.1. Get The Files

Here you can find a list of the files and down-loads you will need for the setup of the bridge. If you have one of the mentioned files or packages on your distribution, of course there is no need to create network load.

I'll only mention the files for the 2.2.14 kernel. If you want to try a different one (e.g. 2.2.15 or the recent development kernel) just replace the kernel version number and look whether you find it.

Important: You have read the abstract, didn't you? So you know that there is no need to download any kernel-patch if you're working with a kernel later than 2.3.47.

File and package list

Unpatched kernel-sources

E.g. linux-2.2.14.tar.bz2 available from your local kernel.org mirror. Please check first if you find it in your distribution (take unpatched kernel-sources). If you don't, please check The Linux Kernel Archive Mirror System for a close by mirror and down-load it from there.

Bridge patches

Note: If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version.

Get the bridge kernel patches for your kernel version from http://www.math.leidenuniv.nl/~buytenh/bridge/. Identify the file by the kernel number.

Note: There are also patches allowing to work with IP chains. I never tried it, for I don't see the need to fire-wall inside my LAN, and absolutely no need to bridge against the outer world. Feel free to contribute about that issue.

Kernel patches for the stable 2.2 kernel.

Available Kernel patches

bridge-0.0.9-against-2.2.18.diff, the main kernel patch against 2.2.18

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.9-against-2.2.18.diff

bridge-ipchains-against-0.0.9-against-2.2.18.diff, an add-on patch for bridge firewalling against 2.2.18

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-ipchains-against-0.0.9-against-2.2.18.diff

bridge-0.0.8-against-2.2.18pre19.diff, the main kernel patch against 2.2.18pre19.

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.8-against-2.2.18pre19.diff

bridge-0.0.8-against-2.2.17-0.5.diff, the main kernel patch against 2.2.17-0.5

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.8-against-2.2.17-0.5.diff

bridge-ipchains-against-0.0.8-against-2.2.18pre19.diff, an add-on patch for bridge firewalling against 2.2.18pre19

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-ipchains-against-0.0.8-against-2.2.18pre19.diff

bridge-ipchains-against-0.0.8-against-2.2.17-0.5.diff, an add-on patch for bridge firewalling against 2.2.17-0.5

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-ipchains-against-0.0.8-against-2.2.17-0.5.diff

bridge-0.0.7-against-2.2.18pre15.diff, the main kernel patch against 2.2.18pre15

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.7-against-2.2.18pre15.diff

bridge-ipchains-against-0.0.7-against-2.2.18pre15.diff, an add-on patch for bridge firewalling against 2.2.18pre15

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-ipchains-against-0.0.7-against-2.2.18pre15.diff

bridge-0.0.7-against-2.2.17.diff, the main kernel patch against 2.2.17

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-0.0.7-against-2.2.17.diff

bridge-ipchains-against-0.0.7-against-2.2.17.diff, an add-on patch for bridge firewalling against 2.2.17

http://www.math.leidenuniv.nl/~buytenh/bridge/patches/bridge-ipchains-against-0.0.7-against-2.2.17.diff

Bridge configuration utilities

You also will need the bridge configuration utilities to set up the bridge Section 6. You can also download them from http://www.math.leidenuniv.nl/~buytenh/bridge/.

5.2. Apply The Patches

Note: If your kernel is later than 2.3.47 you don't need this. The bridging is part of the mainstream from that version.

Apply the bridging patch your kernel. If you don`t know how to do that read the Kernel-HOWTO which can be found in your distribution or at http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html

Example 1. Applying a kernel patch

root@mbb-1:~ # cd /usr/src/linux-2.2.14
root@mbb-1:/usr/src/linux-2.2.14 # patch -p1 < \
    bridge-0.0.5-against-2.2.14.diff
.
.
      

5.3. Configure The Kernel

Now it's time we configure our freshly patched kernel to create the ability to bridge.

Run makeáconfig, makeámenuconfig or the click-o-rama makeáxconfig. Select bridging in the networking option section to be compiled as a module. AFAIK there is no strong reason why not to compile it as a kernel module, whereas I heard rumors about problems with compiling the bridging code directly into the kernel.

root@mbb-1:~ # cd /usr/src/linux-2.2.14
root@mbb-1:/usr/src/linux-2.2.14 # make menuconfig
.
      

5.4. Compile The Kernel

Compile your kernel Example 2. Make the new compiled kernel-image to be loaded. I don't know if the kernel patches only apply to the bridging-module or also modify some interfaces inside vmlinuz. So it might not be a error to give a reboot after you updated the kernel-image.

Example 2. Commands To Compile Your Kernel

root@mbb-1:/usr/src/linux-2.2.14 # make dep clean zImage modules modules_install zlilo
...
      

5.5. Compile The Bridge Utilities

This is how to compile and install from the scratch. Just unzip the utilities-tarball, cd into the newly created directory and give a make.

Example 3. Commands To Compile Your Bridge-Utilities

root@mbb-1:/usr/src/linux-2.2.14 # cd /usr/local/src
root@mbb-1:/usr/local/src/ # tar xzvf bridge-utils-0.9.1.tar.gz
.....
....
root@mbb-1:/usr/local/src # cd bridge
root@mbb-1:/usr/local/src/bridge # make
.....
....
      

After the compilation shown in Example 3 have worked properly, you can copy the executables to let's say /usr/local/sbin/ (at least I did). So the commands you have to give should be clear, but to be complete see Example 4

Example 4. Copy The Binaries Of The Utilities

root@mbb-1:/usr/local/src/bridge # cd brctl
root@mbb-1:/usr/local/src/bridge/brctl # cp brctl /usr/local/sbin
root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/local/sbin/brctl
root@mbb-1:/usr/local/src/bridge/brctl # cp brctld /usr/local/sbin
root@mbb-1:/usr/local/src/bridge/brctl # chmod 700 /usr/local/sbin/brctld
      

Also now you can copy the new man-page to a decent place, as shown in Example 5.

Example 5. Copy The Man-page Of brctl

root@mbb-1:/usr/local/src/bridge # cd doc
root@mbb-1:/usr/local/src/bridge/doc #  gzip -c brctl.8 > /usr/local/man/man8/brctl.8.gz