At 02:08 PM 1/18/00 -0600, Jeff Noxon wrote: >Can anything that runs on Linux do reliable network bridging & filtering? >I need a transparent filter that I can drop into an existing network. > >Ipfilter will do the job with Open/NetBSD. It may work on Linux, but >requires kernel 2.0.35 and isn't compatible with glibc.
Another guy ask -something like that- before, I replied with an answer that worked ;-) Here is my reply and maybe you can use parts of it: (You don't want to use this route config ;-) > This has been a while but here it goes: > > Please test if the next settings will do the trick. > The debian box cannot be reached from the inet or lan, > We can do something about the lan connection though... > > Note: Filtering firewall is WIDE open! > Note: There is a route for all IP's because they are > on the same subnet (netmask) but NOT on the > same network device! > Note: Youre gateway is 63.225.131.78 > > root# ifconfig lo 127.0.0.1 > root# ifconfig eth0 0.0.0.0 promisc > root# ifconfig eth1 0.0.0.0 promisc > > root# route add 63.225.131.73 eth0 > root# route add 63.225.131.74 eth0 > root# route add 63.225.131.75 eth0 > root# route add 63.225.131.76 eth0 > root# route add 63.225.131.77 eth0 > root# route add 63.225.131.78 eth1 > > root# ipchains -P input ACCEPT > root# ipchains -P forward ACCEPT > root# ipchains -P ouput ACCEPT > root# ipchains -F > root# ipchains -X > > Please send me your results.... > > Good luck! > > Onno
