From owner-freebsd-security Wed Mar 28 10:17:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.13]) by hub.freebsd.org (Postfix) with SMTP id 486EF37B71C for ; Wed, 28 Mar 2001 10:17:12 -0800 (PST) (envelope-from roam@orbitel.bg) Received: (qmail 11111 invoked by uid 1000); 28 Mar 2001 18:16:08 -0000 Date: Wed, 28 Mar 2001 21:16:08 +0300 From: Peter Pentchev To: Mason Harding Cc: security@FreeBSD.ORG Subject: Re: Bridging and IPF Message-ID: <20010328211608.A10861@ringworld.oblivion.bg> Mail-Followup-To: Mason Harding , security@FreeBSD.ORG References: <20010328111618.C9865@pir.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from mharding@marketnews.com on Wed, Mar 28, 2001 at 12:54:36PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Mar 28, 2001 at 12:54:36PM -0500, Mason Harding wrote: > Hi. Has anyone had much luck with Bridging and IPF? As soon as I enable > bridging both IPF and IPFW stop filtering at all. If I set them both to > deny everything, they still let all packets pass. When I set > net.link.ether.bridge_ipfw=1 my system sits there for a second and then the > kernel crashes and reboots the machine. I can get > net.link.ether.bridge_ipfw set to 1 without a crash if I have no IP address > on any of the bridged interfaces, but I need an IP address so I can use my > external syslog server and ssh into the firewall(untill I know its running > well). Please help? Oh yah, its FreeBSD 4.2. Is this a plain vanilla 4.2-RELEASE, or some kind of -stable? In any case, could you update to the most recent -stable (4.3-RC at the moment) and see if the problems persist? There have been MANY fixes to the routing/bridging code in the last two months. G'luck, Peter -- I've heard that this sentence is a rumor. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message