Quoting Lucky Leavell
OS: SuSE 9.1 with latest patches
I found the thread on using SuSE as a bridging firewall earlier this year but seem to be stuck.
Topology:
Internet Side: xxx.xxx.xxx.1 (Default Gateway) (Cisco router)
Bridge: Defined bridge xxx.xxx.xxx.10 adding eth0 (connected to .1) and eth1 (LAN side). Default route defined as xxx.xxx.xxx.1
LAN Side: Test system xxx.xxx.xxx.29
I can ping .1, .10 and .29 from the bridge system and even surf the internet, etc. I can ping the bridge (.10) from the LAN side (.29) but cannot ping the gateway (.1). At this point there are no iptables rules in effect (iptables -L shows nothing) and SuSEfirewall2 is disabled.
Out of curiosity, why don't you make the "Bridge" system into a real Linux firewall? You can have the Linux box provide DHCP for a 192.168.x.x block (or a 10.x.x.x if you prefer) and stop virtually all attacks, rather than just SYN and smurf... It's been years since I've seen anyone try to "bridge" two networks without real routing. SuSEfirewall2 has all you need for setting up the firewall and routing.