Ok, so: 1) Itables and ebtables can work together, just need to patch the kernel with:
iptables from netfilter.org bridge bridge-nf-0.0.6-against-2.4.18.diff ebtables from http://users.pandora.be/bart.de.schuymer/ebtables/sourcecode.html ebtables-v1.02.tar.gz AND ebtablesv1.0_vs_nf-0.0.4.diff wright? 2) In diverter.sourceforge.net They say: "Here, packets are simply traversing the bridge, and setting up a redirection rule like: ipchains -A input -i eth1 -p tcp -d 0/0 80 -j REDIRECT 8080 won't help, 'cause packets are not aimed at the Linux box. That's where I come with the patch, which basically replaces the router's mac address by the mac address of eth1 for TCP packets with dst port of 80. That way, packets are traversing the Linux ip firewall and are treated by the above redirection rule :-)" Can ebtables replace the router's mac addess by the mac address of eth1 for tcp packets to be redirected? Thanx again! Jorge S. BTW: All this stuff about firewall bridging just rulez!!! It's way better than many commercial solutions... congratz to everybody that made it possible! _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
