On Thu, Jun 06, 2002 at 09:08:27PM +0200, Willi Dyck wrote: > > Your actual content is sent over the ppp device, this is where your utgoing > > ruels are concerned. But you also need to block all data from/to eth1 > > besides the pppoe packets. > > Disagree. If you block packets on ppp0 they won't even reach eth1.
Yes, but packages on the Shared Media do reach your firewall via eth1, and your firewall yould leak ip packets via eth1. Thats why it makes sence to block all packets on eth1. You can alos remove the ip address from that interface, but personally i would not trust the kernel to actually ignore packets in all situations. Greetings Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
