On Aug 30, 2007, at 3:42 PM, Michael L Torrie wrote: > Joshua Draper wrote: >> Argh! It appears you are correct. The ironic thing is traffic gets >> passed just fine if you have the filtering rules turned off. But the >> whole point of the machine, filtering, does not work if the bridge >> does not have an IP address. Thanks for pointing that out. I guess >> it needs to be behind a router. > > No that's not true. A bridge works fine, even without *any* ip > address > assigned to any interface. It merely needs the interface. That's the > nice thing about a bridge. It's completely transparent to either side > and doesn't show up in a traceroute.
True the bridge works fine without an IP address, but as Andrew said, the actual filtering of the web content requires the bridge to have an IP address. It has something to do with ebtables and iptables and the default gateway. I am not sure why, but if the bridge does not have an IP address, the LAN machines behind it can't get webpages. IM, email, rdp all work fine through the bridge, but no webpages. Joshua Draper Department of Civil and Environmental Engineering Brigham Young University -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
