[lug] cable modem network topology
Sean Reifschneider
jafo at tummy.com
Sat Jul 20 01:06:47 MDT 2002
On Fri, Jul 19, 2002 at 10:26:19AM -0600, D. Stimits wrote:
>But how to actually do this is a mystery, it seems as though the P166
>would need eth0 to respond to multiple dhcp IP's, and then transparently
>forward them to whichever machine booted up, while still allowing rules
You can use bridging with firewalling, as mentioned. Bridging can be work
to set up -- at least the last time I did it I found that something wasn't
documented properly and it wouldn't work until I did something in
particular. I don't remember what that was though...
Another option is to use Proxy ARP to make the firewall act kind of like a
bridge. This works quite well for doing firewalling transparently, but it
can also be work to set up. Expect to make heavy use of tcpdump to get it
working. If you don't fully understand how IP works at most of the lower
layers, you won't get very far without learning. If you do, it's pretty
obvious how it all works...
Sean
--
668: Next door neighbor of the beast.
vivivi: The editor of the beast.
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
More information about the LUG
mailing list