For the moment that's correctly works just with the bridge rule, I use it with the staging servers since 1 week.
I have change the default gateway on the servers behind the bridge, I use the ip bridge as gateway that's stay transparent in the traceroute and the iptable works with the FORWARD rule without problem. The input data don't see the bridge and the output data have a hope with mark * * in traceroute. On debian I have just install the bridge-utils and read the HOWTO that's very easy install in few minutes. Before I used the proxy-arp and I'd rather this other solution. But the jigal mail is correct I don't have install the netfilter patch, I hope an other possibility ( I d'ont like patch the staging server kernel ) but that doesn't work without the patch so I change my default gateway for the moment. thx ----------------------- François Bayart [EMAIL PROTECTED] +33 1 49 27 98 30 +33 6 87 84 18 82
