[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Transprent Firewall over PPP

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Transprent Firewall over PPP
From: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>
Date: Wed, 31 Jul 2002 10:44:55 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
Reply-to: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>

On 31/07/2002, Greg Fitzgerald <gregf_(_at_)_elitepimps_(_dot_)_org> wrote To misc_(_at_)_openbsd_(_dot_)_org:
> I been reading up on using OpenBSD 3.0/1 and PF to create transparent
> firewalls using a switch and briding two interfaces. My question is, is
> it possible to create a transparent firewall like this when using a PPP
> connection? If so can someone point me in the right direction.

You mean, one interface is ethernet, the other a ppp connection via a modem?
No, this doesnt work. Bridging is a pure Ethernet thing.
Note that ppp(8) can filter IP as well, maybe in less 'quality' then pf..

One thing on my todo is support for something like this:

Client----Bridge----DSL-Modem----DSLAM/Internet

Where one uses PPPoE between Client and DSL-Modem.

pf(4) on the Bridge could peek into the PPPoE packets.

-current already supports IPsec for a similar setup, and this
is a good start to filter any encapsulated IP (GRE comes into
mind first).

Dont hold your breath though.

ciao
-- 
Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> 

#1: Break the clue barrier!
#2: Already had buzzword confuseritis ?

Follow-Ups:
- Re: Transprent Firewall over PPP
  - From: Dirk Rosler

References:
- Transprent Firewall over PPP
  - From: Greg Fitzgerald

Prev by Date: Ultra ATA 133 with OpenBSD 3.1
Next by Date: Re: Nat and flow redirect
Previous by thread: Transprent Firewall over PPP
Next by thread: Re: Transprent Firewall over PPP
Index(es):
- Date
- Thread

Visit your host, monkey.org