From owner-freebsd-net Tue Mar 27 20:45:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184]) by hub.freebsd.org (Postfix) with ESMTP id E976C37B718 for ; Tue, 27 Mar 2001 20:45:10 -0800 (PST) (envelope-from luigi@info.iet.unipi.it) Received: (from luigi@localhost) by info.iet.unipi.it (8.9.3/8.9.3) id GAA89371; Wed, 28 Mar 2001 06:44:30 +0200 (CEST) (envelope-from luigi) From: Luigi Rizzo Message-Id: <200103280444.GAA89371@info.iet.unipi.it> Subject: Re: netgraph ng_bridge and ipfilter In-Reply-To: <3AC0CCC3.F7DD8133@elischer.org> from Julian Elischer at "Mar 27, 2001 09:24:19 am" To: Julian Elischer Date: Wed, 28 Mar 2001 06:44:30 +0200 (CEST) Cc: Archie Cobbs , Peter.Blok@inter.NL.net, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > in this case, this person seemed to _need_ the interaction in > > order to have a bridging firewall > > that would be a brouter and not a bridge..Filering on IP at link layer.. > yuck. > > It's really a crime against humanity but then that's never stopped It's just a damn useful thing when you have to protect a network withouth having to replace a router (which might not even be there) or reassign addresses, and the fact you can do that in FreeBSD is a big selling point for FreeBSD's native bridging. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message