[Shorewall-users] Bridging?

Tom Eastep teastep at shorewall.net
Sun Jun 1 10:05:55 PDT 2003


On Fri, 30 May 2003 20:02:50 +0200, Jan Johansson <j2 at mupp.net> wrote:

>> Maybe -- you can use Proxy ARP provided that .11 doesn't require 
>> broadcast
>> to from the rest of the /24.
>
> Well, AFAIK there is only FTP traffic that i _want_ to bridge.
>
> Uhm, can't i do a "two way" proxy arp, and arp the other two hosts on the
> "other" interface? Or am i just plain dumb?

You can set the 'proxyarp' option on both interfaces in 
/etc/shorewall/interfaces (not dumb at all).

>
> So, the _real_ solution is to move the .11 to a different subnet and 
> route?
>

You will be routing either way -- there is no way to do layer 2 bridging 
with Shorewall.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep at shorewall.net



More information about the Shorewall-users mailing list