layer2 ipfw fwd
Karim Fodil-Lemelin
fodillemlinkarim at gmail.com
Fri Jan 8 22:57:53 UTC 2016
On 2015-12-25 12:36 PM, Julian Elischer wrote:
> On 23/12/2015 11:49 PM, Mark Felder wrote:
>>
>> On Mon, Dec 21, 2015, at 08:40, Julian Elischer wrote:
>>> This is EXACTLY what the cisco/ironport web filter appliance does...
>>>
>> If we had this in FreeBSD nobody would have to reinvent the wheel to
>> build a similar appliance, right? And it might allow someone to build a
>> competing open source FreeBSD-based web filter appliance with this same
>> feature set...
> nah...there is SO MUCH MORE to what the ironport does.
Yes and that is why FWD action isn't part of the bridge if I recall the
old discussions.
Where I work, we also have a L2 transparent proxy (we wrote it way back
on FBSD 4.5 based on Luigi's old bridge code) but it is very specific
for one particular application.
Trying to support a generic L2 FWD action that does any next hop
forwarding as a general solution (which is what you'd need to do for
FBSD) would require a lot of code most users wouldn't want to see the
bridge burden with.
Well that is what we've seen throughout the years.
K.
More information about the freebsd-ipfw
mailing list