Re: Transparency in the firewall

To: debian-firewall@lists.debian.org
Subject: Re: Transparency in the firewall
From: Michel Kaempf <kaempfm1@cti.ecp.fr>
Date: Thu, 8 Jul 1999 18:55:42 +0200
Message-id: <[🔎] 19990708185542.A1774@via.ecp.fr>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <[🔎] 000401bec8eb$5dd36f40$285018ac@ares.michaelson.cx>; from Jason D. Michaelson on Wed, Jul 07, 1999 at 09:41:22PM -0500
References: <[🔎] 000401bec8eb$5dd36f40$285018ac@ares.michaelson.cx>

On Wed, Jul 07, 1999, Jason D. Michaelson wrote:
> Has this sort of thing been done, and how did you do it?

I think we have done something like that... but... Hem, let me tell
you. We wanted to insert transparently a firewall between two
routers (there was nothing but an ethernet link between these two
routers), but without changing the routers' configuration (i.e without
saying to one router that he should give his packets to the firewall
instead of giving them to the other router).

Unfortunately, we didn't manage to have this work done by a dual homed
linux box, although we tried almost everything, because we needed
bridging (the default firewalling policy was an accept policy), but
bridging+firewalling+transparency doesn't work with the linux kernel for
the moment. That's why we decided to use a freebsd box, and everything
worked fine.

-- 
MaXX

Reply to:

References:
- Transparency in the firewall
  - From: "Jason D. Michaelson" <mich0101@tc.umn.edu>

Prev by Date: Re: Transparency in the firewall
Next by Date: RFC: A security-base package for Debian
Previous by thread: Re: Transparency in the firewall
Next by thread: RFC: A security-base package for Debian
Index(es):
- Date
- Thread