Hi, What you are talking about is a Filtering Bridge. This device is basically an intelligent bridge, where only one interface is configured and the other isn't (in ifconfig). Because the machine is a bridge, all data is duplicated onto the second "unconfigured" interface, thus you have two identicle interfaces.
However, for data to get to the other board, it has to pass through the kernel (and thus ipfw), so it is filtered. For a nice tuturial (and more detail than I have given above) check: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/filtering-bridges/index. html Cheers -G ----- Original Message ----- From: "ashley thomas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, January 06, 2002 2:17 AM Subject: Firewall: a basic question > hi, > > which is the lowest layer where a firewall can be implemented ? > i guess, it is network layer (layer 3) > > in that case , how is firewall implemented on bridges , which is a layer 2 > device ? > > thanks > ashley > > > > > _________________________________________________________________ > Chat with friends online, try MSN Messenger: http://messenger.msn.com > > >
