X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=README;h=23c350f9a21d01fa27b63df1008ad453eb64f2e3;hp=2f0840dc90656f3a256e9e62d89b0b004ebb59e5;hb=cdf17f8459f2a96d595beb6e40102d6ac24ecbab;hpb=97156ecc4a3061c92ae9613a9e7d543bcd39d8e8

diff --git a/README b/README
index 2f0840d..23c350f 100644
--- a/README
+++ b/README
@@ -107,6 +107,24 @@ iface pm0 inet static
 	gateway  192.168.10.1
 	VETH_BRIDGETO vmbr0
 
+auto vmbr1
+iface vmbr1 inet manual
+      bridge_ports none
+      bridge_stp off
+      bridge_fd 0
+
+# setup masqueraded bridge port vmbr1/pm1
+auto pm1
+iface pm1 inet static
+       address 10.10.10.1
+       netmask 255.255.255.0
+       VETH_BRIDGETO vmbr1
+       post-up   iptables -t raw -A PREROUTING -s '10.10.10.0/24' -i vmbr1 -j CT --zone 1
+       post-up   iptables -t raw -A PREROUTING -d '10.10.10.0/24' -i vmbr1 -j CT --zone 1
+       post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o pm0 -j MASQUERADE
+       post-down iptables -t nat -F POSTROUTING
+       post-down iptables -t raw -F PREROUTING
+
 ...
 
 --------------------------------