Hello, > a firewall needs to have IP routing capabilities to be able to enforce > rules (same for a packet filter), ? A proxy firewall doesn't need to have IP routing capabilities (eg. forwarding packet between interfaces). And a proxy firewall is definietly a firewall. (some people doesn't call packet filters as firewalls, that's true, they mean a proxy under the term: firewall)
> but there is no IP routing going on as the network on one side of the > bridge is the *same* as the network on the other, for instance > 192.168.1.0/24. Why does IP routing is so important if you want to build a packet filter? The goal is to have the ability to deny or allow packets through the device. -------------------------------------------------------------------------- Attila Nagy e-mail: [EMAIL PROTECTED] Budapest Polytechnic (BMF.HU) @work: +361 210 1415 (194) H-1084 Budapest, Tavaszmezo u. 15-17. cell.: +3630 306 6758
