[ previous ] [ next ] [ threads ]
 
 From:  Nicholas J Humfrey <njh at ecs dot soton dot ac dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Layer 2 Bridging Firewall ?
 Date:  Mon, 25 Jul 2005 02:13:11 +0100
Hi,

I have some servers plugged intro a very large subnet full of all  
sorts of other machines (workstations [running Netware], desktops,  
other servers, cash registers):

http://www.ecs.soton.ac.uk/~njh/surge_network.png


I would like to firewall my servers from the other machines on the  
subnet (netware IPX packets and Windows viruses), and also prevent my  
IPv6 router advertisements from leaving my little segment.


 From my experiments, it doesn't look like m0n0wall does any Layer 2  
firewalling when running bridged mode ? Both my IPv4 and IPv6 packets  
were being bridged across, so I guess this means AppleTalk, IPX etc  
will be too.


If I used a Proxy ARP setup, would it have the right effect of only  
allowing IPv4 through ?


Any better way of doing it ?

Thanks !

nick.


ps. very impressed with how clean and compact m0n0wall is - a lot  
nicer than the open source competitors I have looked at :)