Bridging + pf in a production environment

Max Laier max at
Thu Jan 13 04:16:16 PST 2005

On Thursday 13 January 2005 08:57, Ballance, Robert T wrote:
> Howdy list,
> My university is starting to seriously look into migrating from our
> convoluted Slackware Linux + iptables bridging solution to a FreeBSD + pf
> bridging solution.
> I've been reading around about it, after the mention by Solarflux about
> there being problems currently with bridging with pf on FreeBSD. Which
> worries me, he mentioned the option of using OpenBSD, which, is an option,
> but whatever we commit to, we're going to commit to for a good couple of
> years. (We have been using Slackware for about 2 years thus far)
> Is anybody currently working on bringing of if_bridge from Net/OpenBSD as
> Max suggests
> (
> If not, if anybody could really outline how fixing this problem could be
> fixed (past maybe just importing if_bridge) I might be able to convince my
> employer to  pay me to work on it ;)
> (after all, I'm just a measely student worker :P)
> Let me know :)

There is somebody working on it, but it is yet unclear how long until we see 
results from that.  Meanwhile, you might want to try the patch for bridge.c 
from Pyun YongHyeon which improves the situation already:

There might be a newer version of this patch here:

/"\  Best regards,                      | mlaier at
\ /  Max Laier                          | ICQ #67774661
 X  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-pf mailing list