> > My question -- is there any way to set up a packet-filtering bridge
> > using Linux? (including coding)
>
> Ok there are two ways to do this
I am curious: The Network Associates WebShield LX for Linux does exactly this
- it is a bridge which is placed on the transit route between your internal
net and the external internet, but inside the internal net. (I hope you can
follow my non-coffee explanations;)
It requires no modifications at all to the network structure, since it works
as a bridge. It claims to protect the internal network against virii etc -
last I checked it did transparent proxying.
It uses a modified 2.0.28 kernel. Currently I do not have access to the CD
(the webshield comes as a few meg tar file which is just unpacked to hd by the
installation program) to check, but does anyone know how they do this?
The mods to all GPL code (ie the kernel) are on the CD. Maybe that would be a
useful starting point - they will have to make the mods available to anyone
who asks ;-) www.nai.com.
Sincerely,
Lars Marowsky-Brée
-- Lars Marowsky-Brée Network Managementteuto.net Netzdienste GmbH - DPN Verbund-Partner
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/