Keep IP connectivity on a bridge
I'm working on a transparent bridge to AV-scan HTTP traffic and not have to configure any proxies.
It's not fully configured yet, but it will be positioned between the firewall and the actual internet line.
The problem here will be connectivity. Under no circumstances do I want that machine to have a public IP, so I thought up a few options that are or might be possible:
- I can just add an extra NIC as a 'management interface' (that'll obviously work :P)
- Add an IP to the eth0 interface that is still in the bridge and a 2nd IP to the WAN interface of the firewall.
- Add a VLAN interface on the 'inside' interface so that tagged traffic goes there and everything else gets bridged.
- Something I have not thought of ... :-)
Anyone have any experience with bridging and know more about what's possible and not when it comes to keeping connectivity to the machine?