pf, pfil hooks and if_bridge
freebsd-questions-local at be-well.ilk.org
Wed Dec 28 06:38:51 PST 2005
Aaron Peterson <lloyd.peterson at gmail.com> writes:
> On 28 Dec 2005 08:45:06 -0500, Lowell Gilbert
> <freebsd-questions-local at be-well.ilk.org> wrote:
> > Aaron Peterson <lloyd.peterson at gmail.com> writes:
> > > I was reading about the new if_bridge driver, and the ability of any
> > > packet filter to interface with it that uses pfil hooks. But I can't
> > > seem to find any documentation that says whether pf is such a packet
> > > filter? Would someone enlighten me if pf is useable with the new
> > > if_bridge driver?
> > $ grep 'pfil\.h' /usr/scratch/ncvs/src/sys/contrib/pf/*/*
> > /usr/scratch/ncvs/src/sys/contrib/pf/net/pf_ioctl.c,v:#include <net/pfil.h>
> > $
> > So, the answer is "yes."
> Thanks, I think it's likely I would not have figured that out on my own :-)
That was the condensed version. ;-)
I was also checking on the configuration, but it looks like the
if_bridge(4) manual page is all you need. I didn't *try* it,
however, so I can't guarantee I caught all of the important points.
More information about the freebsd-questions