[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall & Bridge



On Tue, 04 Sep 2001, Jayson Johnson wrote:

> Hello,
> I know this question has come up here and there, and I am still 
> haveing trouble getting things to work. I am trying to create a bridge 
> that will also filter out packets (tcp's) and redirect them to another 
> location or deny them. I can do this in a firewall, and get everything to work, but the trick is, I need them to work with the bridge. 
> I built the bridge and it works great.  I can't get the firewall part working I have went to every bridge/firewall site, tried everything that is suggested, and still can't seem to get the firewall to work.  I do not want to setup the box as a router, because there are several hundred users in various locations, etc, that already have there tcp/ip info setup, and there is not one central place that I can pop the box into, to use as a router.  I want it to be completly transparent.  Any suggestions or help?  I am downloading the latest build of debian, and see if 
> that helps. I am using kernel 2.4.2 now.


I believe that 2.4 kernels do allow you to create a bridging firewall.
Only the do not use the regular chains. It uses the PREROUTING and POSTROUTING
chain. 

In /usr/share/doc/bridge-utils 
you can find FIREWALL.IPTABLES which explains this if I recall correctly.



Greets


Jigal

-- 
Zarq:
	Surrender all your closed sources to us.  We are Debian.  
	You will be assimilated.
	- <debian maintainer>



Reply to: