Re: Decent iptables script for bridging?

To: debian-security@lists.debian.org
Cc: decoder@wjpserver.cs.uni-sb.de
Subject: Re: Decent iptables script for bridging?
From: Blars Blarson <blarson@blars.org>
Date: Wed, 24 May 2006 08:32:37 -0700
Message-id: <[🔎] 200605241532.k4OFWbR3004638@renig.nat.blars.org>
In-reply-to: <[🔎] 447311A4.2020406@wjpserver.cs.uni-sb.de>

In article <[🔎] 447311A4.2020406@wjpserver.cs.uni-sb.de> 
decoder@wjpserver.cs.uni-sb.de writes:
>I'm currently setting up a bridge on Debian, which is meant to act as
>an invisible filter in our network which is otherwise directly exposed
>to the internet (every host directly reachable from the internet, no
>NAT or anything like that).
>
>I found a good Debian howto that describes this setup, but I was
>wondering if there is an iptables firewall script which is meant for
>that kind of setup. All iptables scripts I know are for NAT or Home
>Firewalling (including dialup etc).
>
>
>Thanks in advance for useful hints.

You may want to consider a single-address proxy-arp firewall instead.
See http://www.blars.org/sapaf.html

-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
With Microsoft, failure is not an option.  It is a standard feature.

Reply to:

References:
- Decent iptables script for bridging?
  - From: Christian Holler <decoder@wjpserver.cs.uni-sb.de>

Prev by Date: Re: Request for comments: iptables script for use on laptops.
Next by Date: Hadi-Michel Makhlouf/7939/Skolverket är inte på kontoret.
Previous by thread: Re: Decent iptables script for bridging?
Next by thread: Hadi-Michel Makhlouf/7939/Skolverket är inte på kontoret.
Index(es):
- Date
- Thread