urgrue wrote:
> yeah i meant third party, like maybe TIS FWTK, FW-1, Dante, T-Rex, i'm
> wondering if any of these would work on a non-routing (ie
> bridging/switching) transparent gateway.
Ask them. I don't know if any of these implements transparent
firewalling, but it is quite likely some do.
> > To do it fully transparent you basically need a bridge, or
> > alternatively
> > proxy-arp if there is only IP traffic involved.
>
> its been over a year since i looked into proxy-arp...ill look it up
> again...
It is quite simple. By playing with ethernet MAC addresses you
"automatically" introduce a router hop routing between two segments of
the same IP network without having to configure routing on each side.
Sort of like an IP bridge that must be manually configured with wich
stations are on each side and it is IP only. Not as transparent as a
ethernet bridge, but at least as efective if all you need is to introduce
a firewall between a router and your network.
--
Henrik Nordstrom
MARA Systems AB
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
