Re: Kernel Routing and the IntraNet

From: Henrik Nordstrom
Date: Tue Sep 13 2005 - 09:58:57 EST


On Tue, 13 Sep 2005, Al Boldi wrote:

Firewalling on a bridge?

Yes, Linux does soppurt this.

Does this mean that the bridge does not operate on the physical level of the
dev, or is it ARP-FW?

It's doing bridgeing at the MAC level but peeking into the packet contents for firewalling.

There is no such thing as "operate on the physical level of the dev". The devices just puts the packets into memory and hands them over to the kernel, where bridgeing is then implemented on the CPU.

Also, ifconfig eth0 up does not add the dev in /proc/../ipv4/conf, but
ifconfig eth0 0 does?!

Well, without setting an ip you haven't enabled IP on the device..

Regards
Henrik
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html