--On Sunday, March 16, 2003 01:55:51 PM -0500 "Errol U. Neal"
<errol.neal@enhtech.com> wrote:
> Hello,
>
> I wanted to post a question to the developers of shorewall to ask whether
> or not bridge interaction would be included in future releases of
> shorewall, specifically ebtables with the use of the iptables physdev
> match module.
At this point, it seems unlikely.
> I am currently using shorewall with proxy arp. My box has
> three interfaces, WAN, LAN and DMZ. I use proxy arp between the WAN and
> the DMZ, but I'd honestly rather be bridging between those two interfaces
> but it is not really clear to me yet how to get the two to interact. Is
> there a way I could extend the capability of shorewall for myself to
> allow for the use of the physdev module? I am not a list subscriber so
> I'd appreciate if the reply would go directly to me.
>
What I would like to see is for someone to start with Shorewall 1.4.0 and
adapt it to do nothing but bridged firewall. Rename the product Shorebridge
or something and support it as a separate product. While I am currently
involved in a project to assess the feasibility of adapting Shorewall for
use in a bridged and in routed environments, I'm not optimistic at this
point that it will turn out to be something I'm willing to do.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net