On Tue, 13 Sep 2005, Al Boldi wrote:
Firewalling on a bridge?
Yes, Linux does soppurt this.
Does this mean that the bridge does not operate on the physical level of the dev, or is it ARP-FW?
It's doing bridgeing at the MAC level but peeking into the packet contents for firewalling.
There is no such thing as "operate on the physical level of the dev". The devices just puts the packets into memory and hands them over to the kernel, where bridgeing is then implemented on the CPU.
Also, ifconfig eth0 up does not add the dev in /proc/../ipv4/conf, but ifconfig eth0 0 does?!
Well, without setting an ip you haven't enabled IP on the device.. Regards Henrik - : send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
