Transparent Firewall- Bridge on 5.3
d c
casteld73 at yahoo.com
Fri Mar 11 11:51:53 PST 2005
I have currently set up bridging on 5.3 p5 w/o too much effort. It works as documented.
However I believe I am trying to do something that is not a function of bridging and I wanted to run it by the experts.
Essentially I want ALL traffic to pass through the bridge. I accomplished this from the handbook. However I would like to pick off any packets destined for port 25. Then I would like to forward them to 127.0.0.1:10025.
From the googling I have done I have seen notes mentioning the bridge not handling "fwd" with ipfilter.
Here is the rule I am using:
ipfw add 100 fwd 127.0.0.1,10025 tcp from not me to any 25
If I log, it does show up in /var/log/security.
1. Is there a special directive I need to use when processing layer 3 on a layer 2 bridge?
2. Is the fwd command supported?
Goal: Have a transparent device that intercepts all email and hands off to clamsmtp which is listening on 127.0.0.1:10025
Issue: Packets do not seem to be making it to clamsmtp for processing.
Also, does handing off to the loopback on a bridge cause any problems? Could I be making an infinite loop? Any way to set the rule to process in one direction only on a bridge?
Any advice / help / questions / comments would be greatly appreciated.
TIA
More information about the freebsd-isp mailing list