On Mon, 15 Mar 2004 [EMAIL PROTECTED] wrote: > > I see I misread the shorewall requirement line on that page. What extra does > full bridge functionaliy give? > > I don't completely understand how briding works, just how I made it work with > shorewall and bering. The bering user guide said that bridging and shorewall > don't work which is why I assumed that shorewall 2.0 had been the difference. >
I make the statement that Shorewall doesn't work with bridging because prior to the availability of the experimental code, it was not possible to associate a Shorewall zone with a bridge port. Nevertheless, as you and others have discovered, it is possible to associate a zone with the bridge itself and using ip-address or MAC filtering, it is even possible to control traffic through the bridge. The new bridge code which will be released in Shorewall 2.0.1 will allow you to associate zones with bridge ports. That is made possible by the fact that the physdev match capability is available as a standard part of the 2.6 kernels (it is still an add-on under 2.4). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
