Jonathan Tripathy a écrit : >>>>>>> However, in the /proc/sys/net/ipv4/conf folder, I >>>>>>> don't see my "public" bridge, only the private one. Incidently, the >>>>>>> private one is the only bridge in my system that has an IP address >>>>>>> asigned to it... >>>>>>> >>>>>> Ok. May I ask what is your kernel version ? Older than 2.6.21 ? >>>>>> >>>>> Linux xx.xx.xx.xx 2.6.18-194.8.1.el5xen #1 SMP Thu Jul 1 19:41:05 EDT >>>>> 2010 x86_64 x86_64 x86_64 GNU/Linux >>>>> >>>> As I expected. A change occured in 2.6.21, recent kernels automatically >>>> link interfaces to the IP stack. >>>> >>> So in my case, am I at a disadvantage >>> >> On the contrary, the old behaviour is an advantage if you don't want an >> interface to participate in IP operation. > > Excellent! If I were to upgrade at a later date, is it just a matter of > making sure that everything returns 0 in the above files? Setting net.ipv4.conf.<interface>.forwarding=0 will disable forwarding of IP packets received on <interface>. But I'm afraid it won't disable all IP operation on it (ARP resolution, accept IP packets for local delivery...) -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html