Hi all:
I've built a Linux bridge with 2.4.16 + the patch found on http://bridge.sourceforge.net/. I want to do filtering with iptables.

1) I've set up a two-port bridge named "br0". I've done some quick tests. I can filter by eth0, eth1 and br0, but I'm not clear on which chains I could use with the various interfaces. I think the bridge FAQ said that currently only the forward chain would work, but it seems other chains also work (input, e.g.). Would somebody be so kind as to talk about this issue?

2) Another Q: since I only want to use this machine as a firewall, does it make sense to filter by using the br0 device? I mean, perhaps it's faster and more reliable to filter based on the eth0 and eth1 devices, isn't it? Any tips about this issue?

3) Has someone tried to benchmark a machine like this (fw based on linux+bridge+iptables)? For instance, which processor and amount of memory would be necessary to reach a 100 MB/s throughput with an x86 machine?

Thx in advance.

Regards,
--Roman

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
