fwd and bridging
Shawn Barnhart
swb at grasslake.net
Wed Apr 9 14:31:52 PDT 2003
----- Original Message -----
From: "Crist J. Clark" <crist.clark at attbi.com>
> On Sat, Apr 05, 2003 at 07:49:03AM -0600, Shawn Barnhart wrote:
> > The manpage states that fwd rules (like for transparent proxying) will
not
> > match bridged packets. Will they ever, or is there some fundamental
reason
> > they can't?
>
> Bridged packets are never processed at the IP layer, that is, they
> never get passed to the ip_input() function. All of the 'fwd' code
> lives in ip_input() and ip_output() at the IP layer and above.
Thanks for the explanation. It's unfortunate they can't, it'd be ideal for
a transparent proxying setup or other interception without having to alter
clients routes.
More information about the freebsd-ipfw
mailing list