From 611c23e9abdbeca300467305b62b9c0f7bf3cd69 Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Fri, 27 Sep 2002 16:40:13 +0000 Subject: deal with fact that ebtables is inside 2.5.x --- docs/br_fw_ia/br_fw_ia.html | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/br_fw_ia/br_fw_ia.html b/docs/br_fw_ia/br_fw_ia.html index 174c293..aee5ae4 100644 --- a/docs/br_fw_ia/br_fw_ia.html +++ b/docs/br_fw_ia/br_fw_ia.html @@ -63,16 +63,12 @@ This document describes how iptables and ebtables filtering tables interact on a Linux-based bridge.
Getting a bridging firewall consists of patching the kernel source - code with two patches. - The first patch adds ebtables support in the kernel. - The second patch is called "br-nf-bds" and makes - bridged IP frames/packets go through the iptables chains. + code with one or two patches. + Kernels 2.5.39 and above only need the "br-nf-bds" patch, since ebtables has been integrated in the 2.5.x series. + For other kernels, you need to first apply the patch that adds ebtables support in the kernel. + The "br-nf-bds" patch makes bridged IP frames/packets go through the iptables chains. Ebtables filters on the Ethernet layer, while iptables only filters IP packets.
- It is possible to use ebtables without compiling the br-nf-bds - code into the kernel; and vice versa. The only reason why the br-nf-bds - patch has to be applied after the ebtables patch is because - some files are changed by both patches.
The explanations below will use the TCP/IP Network Model. It should be noted that the br-nf-bds patch sometimes violates the TCP/IP Network -- cgit v1.2.3
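Review bot: the deleted paragraph in this hunk stated two things the replacement text no longer says, namely that ebtables can be used without the br-nf-bds code and vice versa, and why the br-nf-bds patch must be applied after the ebtables patch (both patches touch some of the same files). The new line "For other kernels, you need to first apply the patch that adds ebtables support in the kernel." keeps the ordering requirement but drops its rationale and the independence of the two features, which a reader applying patches by hand will want. Suggest keeping one sentence after the "br-nf-bds" line, e.g. "Either feature can be compiled without the other; the ordering only matters because some files are changed by both patches." Also, since the hunk now states "Kernels 2.5.39 and above only need the "br-nf-bds" patch", a short note on where to find the 2.5.x ebtables configuration option would make that sentence actionable.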