IPF, IPv6 and a bridge
David Malone
dwmalone at maths.tcd.ie
Fri Jan 30 05:43:13 PST 2004
On Fri, Jan 30, 2004 at 09:38:08AM +0100, Jeroen Ubbink wrote:
> ipfw doesn't seem to block router advertisements on a
> bridge either. Is this just a problem with both those firewall tools or is
> it a problem in FreeBSD?
Bridged packets are special and are not usually firewalled. I could be
mistaken, but I don't think you can get ipf to filter bridged packets
in 4.9. You could use ipfw2 to do it though:
sysctl net.link.ether.bridge_ipfw=1
ipfw add deny layer2 mac-type ipv6 recv tun1
(You'll need to turn on ipfw2 to do this - see the ipfw man page for
details).
David.
More information about the freebsd-stable
mailing list