It looks like a bridging firewall is the answer. Thanks. -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Stewart Nelson Sent: Wednesday, October 13, 2004 2:55 AM To: fedora-list@xxxxxxxxxx Subject: RE: IP access restriction > I take it your using NAT, in this instance it needs to be a bridge type of > function. Well, maybe not. IMO, you have several choices: 1. Implement a bridging firewall. A good description is at http://linuxgazette.net/issue76/whitmarsh.html but it appears that in 2.6 you don't need the patch any more. See http://www.linuxquestions.org/questions/archive/4/2004/08/2/214133 2. Make a pseudo-bridge with proxy-arp. See http://www.linuxforum.com/linux-advanced-routing/lartc.bridging.html 3. Have the ISP assign an additional /30 and a static route, so your buddy can have a conventional border router. 4. He may already have a router and not know it :) In which case you can just add the firewall rules to it, or replace it with a fedora box. --Stewart -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
