taproot420 wrote: > How can you use a bridge for a proxy? A bridge does not have IP protocol > addresses associated with its interfaces, it only has Ethernet > addresses. I don't think you can use a bridge for anything other than a > filtering gateway at least not network wise. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Ken Diliberto > Sent: Tuesday, June 11, 2002 5:06 PM > To: [EMAIL PROTECTED] > Subject: FTP Proxy with IPF 3.4.28 > > I tried using the FTP Proxy on my little OpenBSD 3.1 machine running as > a bridge. It appears the proxy will not kick in because the NAT engine > isn't used for the bridge. Is there any way around this? Am I doing > something wrong? It's a generic install of OpenBSD and IPF. > > Thanks. > > Ken
The FTP proxy doesn't theoretically require an IP address. It just sits inline and adds rules as it observes PORT commands. It may not work, but there's no reason it couldn't work theoretically in a bridge configuration. There's no real reason NAT couldn't serve a limited function in a bridge configuration as well. Just because an address gets translated doesn't mean that the resulting address must reside on the firewall. It just needs to have arp in place so it gets routed back. Again, I'm talking theory here, not practice. -- Jefferson Ogata <[EMAIL PROTECTED]> NOAA Computer Incident Response Team (N-CIRT) <[EMAIL PROTECTED]>
