On Mon, Nov 06, 2000 at 09:32:19PM -0800, IML-debian-firewall wrote: > Brian, > > I assume by "transparent" you mean without normal IP routing and without > consumption of (two) IP addresse(s). > > This part I do know a little about. Proxy-ARP has been used with success by > some users who run LRP ( http://www.linuxrouter.org/ ) ... and there is also > a driver that allows the firewall interfaces to work in bridging mode.... so > there are two solutions I know of. > > As an aside, a lot of research I have done says that OpenBSD is a nearly > perfect platform for transparent... lots of people have been using it this > way for years when it seems that Linux is just getting into the game.
Yes, this is what I meant by transparent filtering, it's interesting because it pretty much eliminates any attack to 'own' the firewall, without an ip address.. connecting to it is well.. difficult. thanks for the info, i'd heard about it with ipf before, but never linux ipchains/netfilter, etc. > > Stephen Gutknecht > Renton, Washington > > > -----Original Message----- > From: Brian Russo [mailto:[EMAIL PROTECTED] > Sent: Monday, November 06, 2000 6:06 PM > To: IML-debian-firewall > Cc: [email protected] > Subject: Re: Newbie, someone have how-to on from-scratch Debian > firewall? > > somewhat unrelated note.. > anyone know how well linux does transparent filtering? anyone tried this? > > - brian. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- +------------------------------------------------------------- | Brian Russo <[EMAIL PROTECTED]> GPG ID: 54D81666 | 404E 87E8 DD0C 275B 742B 09AD 2243 839C 54D8 1666
