> I don't think anyone has considered writing an alternate firewall
> implementation for Linux 2.4 than the three Netfilter based
> implementations we have (iptables, ipchains compatibility, ipfwadm
> compatibility).
yeah i meant third party, like maybe TIS FWTK, FW-1, Dante, T-Rex, i'm
wondering if any of these would work on a non-routing (ie
bridging/switching) transparent gateway.
> Another option is of course to use the bridge patch for Linux-2.2
> and
> ipchains.
yes but i wanted something beefier than ipchains....
> Please elaborate on beefier.
stateful inspection, maybe even a proxy firewall, maybe even
application-level, maybe even including virus-scanning of
smtp/pop/imap traffic and so forth.
in any case, at least stateful.
> To do it fully transparent you basically need a bridge, or
> alternatively
> proxy-arp if there is only IP traffic involved.
its been over a year since i looked into proxy-arp...ill look it up
again...
thanks,
fred
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
