SinChanKeppel wrote: > > what is the well known problems for bridge firewall in kernel 2.4.9?
Yes, if netfilter ip_conntrack is loaded then the bridge will trash fragmented packets (the MAC level header gets replaced by garbage). If you are not using netfilter ip_conntrack (either directly by state matches, or indirectly by NAT) then bridge firewalling should work just fine. Regards Henrik Nordstr�m MARA Systems AB, Sweden _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
