[pf4freebsd] Re: Bridging?
Max Laier
max at love2party.net
Wed Sep 15 20:46:55 PDT 2004
bridge.c has PFIL_HOOKS implemented. All you should have to do is:
# sysctl net.link.ether.bdg_ipf=1
More documentation can be found in the sources:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/net/bridge.c#rev1.48
Note the part about "This will not work in (...) the bridge.ko module.", you
need built in bridge to make it work.
Best way to test, is to load a ruleset only containing:
block log
and then
$pftcpdump -n -e -ttt -i pflog0
while generating traffic from both sides. This will give you an idea what
filter rules you'll need.
----- Original Message -----
From: "Alan Bryan" <alan at precisionautobody.com>
To: <pf4freebsd at freelists.org>
Sent: Wednesday, August 27, 2003 6:03 AM
Subject: [pf4freebsd] Bridging?
> I can't seem to find any information about pf and bridging on FreeBSD.
I've
> got my bridge set up and working but seem to be unable to get pf to block
any
> traffic through the bridge.
>
> Before I waste more time on this has anyone else successfully used pf on a
> FreeBSD bridge?
>
> Thanks,
> Alan
>
More information about the freebsd-pf
mailing list