-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Travis H. wrote: > If you're talking about bridging, then that's in direct conflict with > your desire to admin it from the outside. The only way to admin a > bridging firewall is on the keyboard and monitor directly attached to > it. It is also impossible to download any packages/ports, or do just > about anything than filter/pass packets.
Not necessarily. You could run a TTY on a serial port and connect to it from another trusted computer via a null-modem cable and a terminal emulator (or run SLIP and set up an IP link). Alternately, you could slap an extra NIC into the bridge, assign it an IP address, and make it accessible from a trusted host inside the network. If this trusted host is accessible from outside, then you can effectively administer the bridge from outside your perimeter using either method. Note that I've never done either of these on OpenBSD (actually, I've never set up a bridge on any operating system), but I see no reason why they wouldn't work. Rennie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEasjfIvU5mZP08HERAg0aAJ9aj7zcWrAawZqXgbfK2P740YNVewCg3zGQ n03OOhZwPWOJgcUtLzWNbTk= =hALI -----END PGP SIGNATURE-----
