Snort mailing list archives

Re: One question


From: Matt Kettler <mkettler () evi-inc com>
Date: Thu, 19 Dec 2002 12:01:13 -0500

No, not a bridge, a router. However, I suspect what you are calling a "bridge" is really a router anyway.

A bridge is a simple Ethernet-layer device that bridges 2 Ethernet segments (i.e., a switch with only 2 ports is a bridge); a router is an IP-layer device with multiple interfaces that routes IP packets between them. The significant difference here is that some non-IP things like ARP don't generally pass through a router (although they might be proxied by it), but any type of Ethernet packet can go through a bridge, provided the MAC addresses dictate it is headed to the other side.

Since hogwash relies on IPTables for filtering, that filtering is at the IP layer, and thus must happen on a system which routes at the IP layer. It can't merely be an Ethernet-layer bridge.

At 12:11 PM 12/19/2002 +0100, Carmelo Zubeldia wrote:
Hi all,

Run hogwash in a Bridge?

Thxs
--


