Re: Definitive Bridge+Firewall

From: Michael Kujawa (kujawa@cs.ucf.edu)
Date: Mon Jan 24 2000 - 01:46:30 EST


> Afaik there are currently 2 ways of doing bridge+firewall:
>
> 1) Extending the bridge code to support firewall seems to have been
>implemented in 1998 by AC2I. This patch can be found in their site:
>http://ac2i.tzo.com/bridge_filter/

Thanks for pointing this out, you saved me some "leg-work". FYI, it is
working beautifully for me (though it only filters IP, of course.)

>By the other way, in case
>gurus think that AC2I patch is good, why it can't be part of a
>production kernel?

I would also like to hear opinions on that patch. The patch is fairly
small and transparent firewalling seems like a power Linux should have by
default.

-Mike
kujawa@cs.ucf.edu

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu



This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:32 EST