From owner-freebsd-questions Sat Nov 24 5:22:20 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.toronto.istar.net (mail1.toronto.istar.net [209.89.75.17]) by hub.freebsd.org (Postfix) with ESMTP id 604DF37B405 for ; Sat, 24 Nov 2001 05:22:17 -0800 (PST) Received: from d226-39-102.home.cgocable.net ([24.226.39.102] helo=x1-6-00-50-ba-de-36-33.kico1.on.home.com) by mail1.toronto.istar.net with esmtp (Exim 2.02 #1) id 167clD-00046j-00; Sat, 24 Nov 2001 08:22:23 -0500 Received: from localhost (genisis@localhost) by x1-6-00-50-ba-de-36-33.kico1.on.home.com (8.11.6/8.11.6) with ESMTP id fAODStJ76989; Sat, 24 Nov 2001 08:28:56 -0500 (EST) (envelope-from genisis@istar.ca) X-Authentication-Warning: x1-6-00-50-ba-de-36-33.kico1.on.home.com: genisis owned process doing -bs Date: Sat, 24 Nov 2001 08:28:55 -0500 (EST) From: Dru X-X-Sender: To: Chuck Root Cc: Subject: Re: IPFW/VLAN In-Reply-To: <3BFF5C8C.1CC4A6FF@mauibuilt.com> Message-ID: <20011124082416.R76925-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, 23 Nov 2001, Chuck Root wrote: > I am trying to use a freebsd box with 2 fxp NIC's in it as a firewall > between 2 points on a 802.1q tagged vlan trunk. > > I am bridging the interfaces using the BRIDGING option in the kernel and > I am using ipfw to filter pakets. > > The bridge and ipfw work fine with normal pakets but the ones with > 802.1q tages slip right on by. > > is there any way to do this? > > I have tried bridging the vlans them selfs with no luck. Hi Richard, Do you have the following line in your kernel config file? pseudo-device vlan 2 Also, what is the MTU on the fxps? HTH, Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message