We will be adding a bridge `vnet0` to interface `eth0`
```bash
[root@otoscope ~]# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes
```
Now add this to `/etc/sysconfig/network-scripts/ifcfg-vnet0`
```bash
DEVICE=vnet0
TYPE=Bridge
BOOTPROTO=dhcp
ONBOOT=yes
```
Add `BRIDGE=vnet0` to `/etc/sysconfig/network-scripts/ifcfg-eth0`:
```bash
# Intel Corporation 82579LM Gigabit Network Connection
DEVICE=eth0
BOOTPROTO=dhcp
HWADDR=00:25:90:53:A0:43
ONBOOT=yes
BRIDGE=vnet0
```
Restart the network service and add the bridge:
```bash
service network restart
brctl addif vnet0 eth0
```
Check:
```bash
[root@otoscope ~]# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes
vnet0 8000.00259053a043 no eth0
```
Now add STP with:
brctl stp vnet0 on
Firewall Rules
--------------
Make sure that you've set up the proper forwarding rules with IPTables.
Don't use a general free-for-all like this, though:
iptables -A FORWARD -m state --state NEW -j ACCEPT
References
----------
* [A most **excellent** overview of the `brctl`
command](http://www.lainoox.com/bridge-brctl-tutorial-linux/).
* [Here's another](http://www.dd-wrt.com/wiki/index.php/Brctl_command).