Why don't you give the br0 an IP !!? On 4/27/05, traef06@xxxxxxxxxxxxxxxxxx <traef06@xxxxxxxxxxxxxxxxxx> wrote: > Thank you. > > So, just for my clarification, if I have eth0 (outside interface) and eth1 as my internal interface and they both > are used to form br0, I could assign eth0 an external IP address so that I can ssh into the box for management? > > Am I following his correctly? > > Then can I also assign eth1 an internal IP address so that I can manage it from within as well? This won't harm the bridge > interface br0? > > Thank you in advance for all your assistance. > > > Thomas J. Raef > e-Based Security, Inc. > "You're either hardened, or you're hacked!" > > -------- Original Message -------- > > From: Mohamed Eldesoky <eldesoky.lists@xxxxxxxxx> > > Sent: Tuesday, April 26, 2005 3:32 AM > > To: traef06@xxxxxxxxxxxxxxxxxx > > Subject: Re: Management of bridged iptables > > > > You can give the firewall an IP address, on any interface, whether > > part of the bridge or not part of the bridge. > > This will still keep the firewall stealthy (not shown in traceroutes), > > as that IP is not a gateway for any server !! > > > > On 4/26/05, traef06@xxxxxxxxxxxxxxxxxx <traef06@xxxxxxxxxxxxxxxxxx> wrote: > > > I've been scouring Google searches looking for an answer. If this is the wrong forum, please forgive me. > > > > > > I want to be able to setup iptables and I guess ebtables for a bridged firewall. My problem is that I also need to be able > > > to manage this remotely like with ssh or something. > > > > > > How do I do this and still be able to maintain a "stealthy" firewall? > > > > > > Thank you in advance for any help. > > > > > > Thomas J. Raef > > > e-Based Security, Inc. > > > "You're either hardened, or you're hacked!" > > > > > > > > > > > > -- > > Mohamed Eldesoky > > www.eldesoky.net > > RHCE > > -- Mohamed Eldesoky www.eldesoky.net RHCE
