Re: iptables with a linux bridge

To: Simon Murcott <simon@murcott.net>
Cc: <debian-security@lists.debian.org>
Subject: Re: iptables with a linux bridge
From: John Galt <galt@inconnu.isu.edu>
Date: Wed, 28 Nov 2001 20:51:07 -0700 (MST)
Message-id: <[🔎] Pine.LNX.4.33.0111282050360.2770-100000@inconnu.isu.edu>
Mail-followup-to: galt@inconnu.isu.edu
In-reply-to: <[🔎] Pine.LNX.4.32.0111291627270.19291-100000@server.murcott.net>

On Thu, 29 Nov 2001, Simon Murcott wrote:

>On Thu, 29 Nov 2001, martin f krafft wrote:
>
>>okay, so i read the FAQ, they are possible. but they don't make sense.
>>in fact, i will argue that as soon as you employ netfilter or
>>ipchains on a linux bridge, you don't have a bridge anymore! you won't
>>have a packet filter or router either, but it's not going to be a
>>bridge as it concerns itself with the payload encapsulated in
>>802.2/802.3
>
>One point you are missing is that it is possible using this kind of
>configuration to create a firewall where you cannot address any of it's
>external interfaces. So how can you do an intrusion attack on a firewall
>that you cannot address?

I like to think they call something like that Hogwash...:)

>
>

-- 
The early worm gets the bird.

Who is John Galt?  galt@inconnu.isu.edu, that's who!

Reply to:

References:
- Re: iptables with a linux bridge
  - From: Simon Murcott <simon@murcott.net>

Prev by Date: Re: iptables with a linux bridge
Next by Date: Re: iptables with a linux bridge
Previous by thread: Re: iptables with a linux bridge
Next by thread: Re: iptables with a linux bridge
Index(es):
- Date
- Thread