Samuel Olampi wrote:
> Dear shorewall list enthusiasts,
> 
> I recently set up a dedicated Linux box running Shorewall
> in order to isolate my network from the "evil other side" :)
> 
> It works so well that I first have to thank and congratulate
> everybody that took part in this project!
> 
> Then, I have a question, that separates my setup from "wonderful"
> to "heaven": I activated the "bridge" setup of Shorewall so
> that my box is as transparent as possible for all the servers
> inside and outside my network.
> 
> I would like to get rid of the "xxxx -> (broadcast)  ARP C Who is yyyy?"
> traffic that is happening on the outside and get repeated on my
> network, through my shorewall box, because of the bridge setup.
> 
> How can this be done, if it can be done at all?

It cannot be done using anything short of the arpfilter utility. And of
course you still have to let the broadcasts through when they relate to one
of the hosts on the inside of the firewall.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
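
The filtering decision described in the reply above (drop ARP broadcasts arriving from the outside unless they ask for a host on the inside), as an added Python example that is not part of the original thread and is not the arpfilter utility's code. The inside host addresses, the sample frames and all function names are assumptions made for illustration; VLAN-tagged frames are not handled.

```python
import ipaddress
import struct

ETH_BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806
ARP_REQUEST = 1

# Assumed inside hosts (constructed, RFC 5737 documentation range).
INSIDE_HOSTS = {ipaddress.IPv4Address("192.0.2.10"),
                ipaddress.IPv4Address("192.0.2.11")}


def parse_arp(frame):
    """Return (dst_mac, opcode, sender_ip, target_ip), or None if the frame
    is not an IPv4-over-Ethernet ARP packet."""
    if len(frame) < 14 + 28:
        return None
    dst, _src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, _sha, spa, _tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return dst, oper, ipaddress.IPv4Address(spa), ipaddress.IPv4Address(tpa)


def forward_inbound(frame, inside_hosts=INSIDE_HOSTS):
    """Decide whether a frame seen on the outside bridge port is forwarded."""
    arp = parse_arp(frame)
    if arp is None:
        return True  # not ARP: left to the rest of the firewall rules
    dst, oper, _spa, tpa = arp
    if oper == ARP_REQUEST and dst == ETH_BROADCAST:
        # "Who has tpa?" is only relevant inside if tpa lives inside.
        return tpa in inside_hosts
    return True  # ARP replies and unicast ARP are not broadcast noise


def make_request(sender_mac, sender_ip, target_ip):
    """Build a constructed broadcast ARP request frame for testing."""
    eth = ETH_BROADCAST + sender_mac + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, ARP_REQUEST,
                      sender_mac, ipaddress.IPv4Address(sender_ip).packed,
                      b"\x00" * 6, ipaddress.IPv4Address(target_ip).packed)
    return eth + arp
```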
