Let me summarise things again:

In 2.2, firewalling is done by testing packets against the chain with the
same name as the bridge.

In 2.4, firewalling is done against the regular FORWARD chain. Furthermore,
if you have a recent-ish patchset, you'll find that NAT also (sort-of, it
seems) works by using the standard PREROUTING/POSTROUTING/OUTPUT chains.
The whole idea of using a chain with the same name as the bridge interface
is silly, unnecessary, and unintuitive. From a firewalling point of view,
there should be no differences between routing and bridging, IMHO.



On Tue, Sep 18, 2001 at 10:07:16PM +0200, Tim Skopnik wrote:

> hi, all!
> maybe the intention of my previous mail got lost in my bad English...
> 
> will try it the other way around:
> 
> I use a 2.4.9 kernel with the latest (?) patches installed
> (http://bridge.sourceforge.net/devel/bridge-nf/20010907-2/)...
> 
> WHICH chains (of which table?) may I use and for WHAT are they useful?
> 
> I have already read the HOWTO and FAQ but both look outdated to
> me... besides: this question seems to be common (see "iptables" -
> thread)
> 
> thanx a lot for help
> 
> cu. Tim
> _______________________________________________
> Bridge mailing list
> [EMAIL PROTECTED]
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge

-- 
 I are sigfile disease!!
 All your quote are belong to us.
 Copy us every "sig"!