Uni Campus
(Class B) __________
------------------------|----------| My f/wall|-------My lab ethernet
| (part of uni class B)
-----------------
| Uni routers |
| which are also |
| my default rtrs|
My proposed firewall box has a pair of ethernet adapters, but how do I get
traffic to be transferred from one to the other (after passing the
ipchains filter checks) without involving routing?
I have seen a suggestion (HOWTO/mini/Bridge) to turn the f/w machine
into a bridge (compile a kernel with BRIDGING enabled) and then
put both adapters into promiscuous mode. Will this do the trick?
At what point in the networking does the firewall filtering get
applied. Is it to every packet as it comes in/goes out of the
ethernet adapters or is it during the routing process?
I've looked at many HOW-TO's, the O'Reilly 'Linux device-driver' book
and the 2.2.5 source, but I cant get a feel for the way the
components of the networking code interact, and so I dont know whether
what I want to do is even possible.
Also, I just read in the LRP FAQ that the 3Com Vortex and Boomerang cards
are bad news. Of course, I have one of each in my proposed system...
TIA
Terry.
Terry Horsnell (tsh@mrc-lmb.cam.ac.uk)
Computer Manager
Medical Research Council
Lab of Molecular Biology
Hills Road
CAMBRIDGE CB2 2QH
U.K.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/