> This was the point I was making - layer 2 contamination of the
> internal network is possible. That's just with ARP too, I wonder
> if the default stuff that most bridged products pass is just ARP
> and IP traffic, or if there are more interesting "through the
> bridge" things possible.
Our firewall does not actually just copy the ARP packet onto another interface; it is well aware of whether the ARP should go to that interface or not. MAC addresses claiming to now suddenly be on the other side of the firewall can be ignored (set by default), so layer 2 contamination is not really an issue. Maybe with other bridged firewalls it is, though.

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
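As an added illustration (not code from the post or from the firewall product it describes), a small Python model of the ARP handling described above: a bridging filter that copies an ARP frame only toward the side where the target address is known and, by default, ignores frames whose source MAC claims to have moved to the other side of the bridge. Interface names, MAC addresses and IP addresses below are constructed.

```python
"""Model of a bridging firewall's ARP handling (illustrative, constructed)."""
from dataclasses import dataclass, field


@dataclass
class ArpFrame:
    ingress: str      # interface the frame arrived on ("inside" or "outside")
    src_mac: str      # Ethernet source address
    sender_ip: str    # ARP sender protocol address
    target_ip: str    # ARP target protocol address
    op: str           # "request" or "reply"


@dataclass
class BridgeArpFilter:
    interfaces: tuple = ("inside", "outside")
    mac_side: dict = field(default_factory=dict)   # MAC -> side it was learned on
    ip_side: dict = field(default_factory=dict)    # IP  -> side it was learned on
    allow_mac_moves: bool = False                  # default: MACs are pinned to a side
    log: list = field(default_factory=list)

    def handle(self, f: ArpFrame) -> list:
        """Return the egress interfaces the frame is copied to ([] = not bridged)."""
        known = self.mac_side.get(f.src_mac)
        if known is not None and known != f.ingress:
            if not self.allow_mac_moves:
                # A MAC that suddenly appears on the other side is ignored,
                # so the frame never crosses and the tables are not updated.
                self.log.append(f"drop: {f.src_mac} pinned to {known}, seen on {f.ingress}")
                return []
            self.log.append(f"move: {f.src_mac} {known} -> {f.ingress}")
        self.mac_side[f.src_mac] = f.ingress
        self.ip_side[f.sender_ip] = f.ingress

        target_side = self.ip_side.get(f.target_ip)
        if target_side == f.ingress:
            return []                       # target is on the same segment: no need to bridge
        if target_side is not None:
            return [target_side]            # target known: copy only toward that side
        if f.op == "request":
            return [i for i in self.interfaces if i != f.ingress]  # unknown: flood
        return []                           # reply for an unknown target: drop
```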
