I'm contemplating using proxy arp as an alternative for the filtering
bridge (which has issues with talking to the bridged network from
within the LAN). Then, I'll be routing packets instead of bridging
them, and they will still be subject to the filtering rules. Right?
The explanatory text on the proxy arp page does only mention the use
of proxy arp in 1:1 NAT situations, when the boxes behind m0n0wall
have a different idea about their own IP address than the rest of the
world. It says nothing about a straight no-NAT setup.
For lack of a clear picture of how the various components of m0n0wall
conceptually click together, I cannot judge whether this is supposed
to work at all. Does anyone know, or should I just experiment and
report back any success or failure? ;-)
And no, I cannot avoid proxy-arp altogether by *routing* the subnet to
m0n0wall directly because the router on the WAN is not under my