* Mike Barton <firstname.lastname@example.org> [2001.10.19 15:00:56-0400]:
> Hi all! Here's the story... I'd like to set up a dual NIC Debian box to act
> as a filtering bridge. The goal is to filter IP traffic in by port and,
> hopefully, other protocols. For example, I'd like to ship traffic destined
> to two (or more) web servers to their respective hosts untouched. However,
> any other IP requests for port 80 would be silently dropped. The traffic
> through the bridge would use real IP addresses which makes NAT unsuitable.

bridges don't know nothin' about IP. what you are talking about is a router.
bridges only talk e.g. ethernet (MAC addresses).

> Any pointers, hints, greatly appreciated....

kernel 2.2 on the machine: ipchains
kernel 2.4 on the machine: iptables

have a look at the HOWTOs for ipchains at linuxdoc.org or for iptables
at netfilter.samba.org.

-- 
martin; (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck

i can read your thoughts. you should be ashamed.