How Can I Configure Linux Routing to Send Packets Out One Interface, Over a Bridge and into Another Interface on the Same Box

How to forward packets from one network interface via another interface

Managed to find the issue.

Whilst adding the route for the container in the other subnet, I hadn't correctly specified the gateway. The gateway still pointed to the host machine on which Docker is run (see above figure). So I added the correct routing rule specific to the two end containers, c1 and c3.

c1 - ip route add 10.23.0.0/24 via 10.12.0.1 dev peervpn12
c3 - ip route add 10.12.0.0/24 via 10.23.0.1 dev peervpn23

In the meantime, I had to add the correct FORWARD rules to the c2 container's iptables:

iptables -A FORWARD -s 10.12.0.2 -i peervpn12 -d 10.23.0.2 -o peervpn23 -j ACCEPT
iptables -A FORWARD -s 10.23.0.2 -i peervpn23 -d 10.12.0.2 -o peervpn12 -j ACCEPT

With this setup I was able to achieve the flow I expected.

Thank you, and I don't know why it's down-voted.

Maybe if I know the reason I can correct myself in future :)
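
Added example, not part of the original answer: a small Python model of first-match evaluation over the two FORWARD rules above, to check which flows c2 forwards and which fall through. The DROP chain policy, the extra test packets and the helper names are assumptions; only the -A/-s/-d/-i/-o/-j options are modeled, with exact interface names.

```python
import ipaddress
import shlex
# The two rules from the answer above (c2's FORWARD chain).
RULES = [
    "iptables -A FORWARD -s 10.12.0.2 -i peervpn12 -d 10.23.0.2 -o peervpn23 -j ACCEPT",
    "iptables -A FORWARD -s 10.23.0.2 -i peervpn23 -d 10.12.0.2 -o peervpn12 -j ACCEPT",
]
FLAGS = {"-A": "chain", "-s": "src", "-d": "dst", "-i": "in", "-o": "out", "-j": "target"}

def parse_rule(line):
    """Turn one 'iptables -A ...' line into a dict of match fields."""
    tokens = shlex.split(line.strip().removeprefix("iptables"))
    if len(tokens) % 2:
        raise ValueError(f"dangling option in: {line}")
    rule = {}
    for flag, value in zip(tokens[0::2], tokens[1::2]):
        if flag not in FLAGS:
            raise ValueError(f"unsupported option {flag!r}")
        rule[FLAGS[flag]] = value
    for key in ("src", "dst"):
        if key in rule:  # a bare address parses as a /32 network
            rule[key] = ipaddress.ip_network(rule[key], strict=False)
    return rule

def matches(rule, pkt):  # a field the rule does not mention matches anything
    return (("src" not in rule or ipaddress.ip_address(pkt["src"]) in rule["src"])
            and ("dst" not in rule or ipaddress.ip_address(pkt["dst"]) in rule["dst"])
            and rule.get("in", pkt["in"]) == pkt["in"]
            and rule.get("out", pkt["out"]) == pkt["out"])

def verdict(lines, pkt, policy="DROP"):
    """First matching FORWARD rule wins; otherwise the chain policy applies."""
    for rule in map(parse_rule, lines):
        if rule.get("chain") == "FORWARD" and "target" in rule and matches(rule, pkt):
            return rule["target"]
    return policy  # assumption: the page does not state c2's FORWARD policy

# Constructed test packets: (src, in-interface, dst, out-interface).
PACKETS = {
    "c1 -> c3": ("10.12.0.2", "peervpn12", "10.23.0.2", "peervpn23"),
    "c3 -> c1": ("10.23.0.2", "peervpn23", "10.12.0.2", "peervpn12"),
    "other 10.12.0.0/24 host -> c3": ("10.12.0.9", "peervpn12", "10.23.0.2", "peervpn23"),
    "c1's address on wrong interface": ("10.12.0.2", "peervpn23", "10.23.0.2", "peervpn23"),
}

def audit(lines=RULES):
    return {n: verdict(lines, dict(zip(("src", "in", "dst", "out"), p))) for n, p in PACKETS.items()}

if __name__ == "__main__": print(audit())
```

With a DROP policy, only the two c1/c3 flows are accepted; the last packet shows why pinning `-i`/`-o` alongside the addresses matters.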

Linux: Port Isolation on a Bridge to use OLSR correctly

It's as simple as putting all ports into a bridge br0 and then:

ebtables -P FORWARD DROP
ip link set br0 promisc on

(Works as expected on a ubnt edgerouter, but was also tested on a Linux box before, so it should work there too.)

Linux: Loopback incoming packets on an interface

I think you can easily achieve this with Python/Scapy. Something like

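from scapy.all import sniff, sendp  # needs root to capture and inject
sniff(iface="eth0", prn=lambda x: sendp(x, iface="eth0"))  # re-send each captured frame on eth0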

should do it.


