On 8/30/07, Joshua Draper <[EMAIL PROTECTED]> wrote: > > > On Aug 30, 2007, at 3:42 PM, Michael L Torrie wrote: > > > Joshua Draper wrote: > >> Argh! It appears you are correct. The ironic thing is traffic gets > >> passed just fine if you have the filtering rules turned off. But the > >> whole point of the machine, filtering, does not work if the bridge > >> does not have an IP address. Thanks for pointing that out. I guess > >> it needs to be behind a router. > > > > No that's not true. A bridge works fine, even without *any* ip > > address > > assigned to any interface. It merely needs the interface. That's the > > nice thing about a bridge. It's completely transparent to either side > > and doesn't show up in a traceroute. > > True the bridge works fine without an IP address, but as Andrew said, > the actual filtering of the web content requires the bridge to have > an IP address. It has something to do with ebtables and iptables and > the default gateway. I am not sure why, but if the bridge does not > have an IP address, the LAN machines behind it can't get webpages. > IM, email, rdp all work fine through the bridge, but no webpages.
The reason is that with the fitlering, you are using a proxy which is actually doing the talking for the client to the various servers. It's a middle man and as such needs to be able to send traffic and receive traffic which requires an IP. -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
