ipfw triple homed bridge
bogdan oprea
bogdan_inedit at yahoo.com
Mon Dec 1 00:47:41 PST 2008
i have a freebsd 7 box with the following configuration:
vr0---box---rl0
       |
      rl1
i bridged vr0 and rl0 using these commands in rc.conf:
cloned_interfaces="bridge0"
ifconfig_bridge0="inet x.x.x.x/24 addm vr0 addm rl0 up"
ifconfig_vr0="up"
ifconfig_rl0="up"
rl1 has routing enabled with:
gateway_enable="YES"
ifconfig_rl1="inet y.y.y.y netmask 255.255.255.192"
when creating rules such as:
ipfw add 100 ip from any to any in via vr0
or
ipfw add 100 ip from any to any in via rl0
i see no traffic
but when creating rules like
ipfw add 100 ip from any to any in via bridge0
i see traffic
i was wondering if i can add rules based on vr0 and rl0, not on bridge0, because i want to limit some ports on vr0 and i want dhcpd server to serve only on rl0
i also have in sysctl.conf:
net.link.bridge.ipfw=1
net.link.bridge.ipfw_arp=1