Iptables initialization

ken_i_m at elegantinnovations.net
Sun Feb 15 15:07:09 PST 2004

On Sat, Feb 14, 2004 at 10:45:43PM +0000, Ian Molton (spyro at f2s.com) wrote:
> On Sat, 14 Feb 2004 11:12:36 -0600
> Dagmar d'Surreal <dagmar.wants at nospam.com> wrote:
> > If you're not going to research this further then just take my word on
> > the ARP thing.  I'm very familiar with ARP trickery and one of my more
> > favorite stunts to do is show people how to make their firewall use no
> > public IPs whatsoever (which also has the nice side-effect of making
> > the firewall utterly untouchable outside of its two local networks).
> That's a nice trick. I think I know how it's done but my knowledge of ARP
> is limited so perhaps you might like to comment?

I don't know how Dagmar does it.
Going from memory as I did this work at a start-up that failed and I have 
not replicated it since (it's on my to-do list).  I built a transparent 
bridge/firewall/sniffer a year ago using the bridge patch (which is now 
merged into the kernel) and ebtables.  I put three NICs in 
the box.  Two for the bridge and one for ssh access.  The bridge NICs 
are not assigned IPs and are put into promiscuous mode.  Then using the 
brctl command a new interface is created by binding these two NICs 
together.  Again, this is from memory.
I think, therefore, ken_i_m
Chief Gadgeteer, Elegant Innovations
Founder, Bozeman Linux Users Group
(406) 581-0495
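The bring-up Ken describes above, written out as an added example (not code from the original post or the hlfs project) in a shell script that can be dry-run without root. The interface names (br0 as the bridge, eth1 and eth2 as the unaddressed bridge ports, eth0 as the management NIC that keeps its IP and is left alone), the STP setting and the ebtables policy are assumptions, not something the post specifies.

```shell
#!/bin/sh
# Transparent bridge firewall bring-up. Interface names are assumed:
# br0 = bridge, eth1/eth2 = bridge ports (no IPs), eth0 = management (untouched).
# With DRY_RUN=1 the commands are printed instead of executed; otherwise run as root.
set -eu

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

setup_bridge() {
    br="$1"; port_a="$2"; port_b="$3"
    # Strip any IP from the bridge ports: neither the ports nor the bridge get an
    # address, so hosts on either segment have nothing to reach on the firewall.
    run ip addr flush dev "$port_a"
    run ip addr flush dev "$port_b"
    # Promiscuous mode so the ports pick up every frame on their segment.
    run ip link set dev "$port_a" promisc on up
    run ip link set dev "$port_b" promisc on up
    # Bind the two NICs into one bridge interface (brctl is from bridge-utils;
    # on current kernels "ip link add $br type bridge" does the same job).
    run brctl addbr "$br"
    run brctl addif "$br" "$port_a"
    run brctl addif "$br" "$port_b"
    run brctl stp "$br" off   # assumed: avoid the forwarding delay and BPDU chatter
    run ip link set dev "$br" up
}

setup_ebtables() {
    # Assumed layer-2 policy for frames crossing the bridge: drop by default,
    # allow only ARP and IPv4, and hand IPv4 to iptables FORWARD for filtering.
    run ebtables -P FORWARD DROP
    run ebtables -F FORWARD
    run ebtables -A FORWARD -p ARP -j ACCEPT
    run ebtables -A FORWARD -p IPv4 -j ACCEPT
    # Frames arriving on bridge ports never reach the firewall's own IP stack.
    run ebtables -P INPUT DROP
}

# Print the full command plan for the given interfaces without touching the system.
dry_run_plan() {
    ( DRY_RUN=1; setup_bridge "$1" "$2" "$3"; setup_ebtables )
}
```

Run `dry_run_plan br0 eth1 eth2` to review the plan, then `setup_bridge br0 eth1 eth2 && setup_ebtables` as root to apply it.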

More information about the hlfs-dev mailing list