Re: Bridging Firewalls

From: Dave Pimlott (
Date: 05/29/02

Date: Wed, 29 May 2002 10:03:09 +0000
From: Dave Pimlott <>

Bob Yeaw wrote:
> I have been reading alot about bridging firewalls using OpenBSD and PF
> or IPF and it seems like a great idea. Does anyone know of any
> gotchas or problems with this approach? What attacks are possible on
> a Packet filter with no IP address?
> thanks,
> bob

the only vulnerabilities I can think of are Ethernet attacks rather than
TCP/IP attacks, e.g. MAC broadcast storms (which are hard to do
In terms of gotchas I can't think of any! In situations like this I
"suck it and see".

Dave Pimlott.