Date: Tue, 31 Oct 2000 00:10:24 -0800 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Some Person <ntvsunix@hotmail.com> Cc: freebsd-questions@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: Transparent Ethernet Bridging with IPFW... Message-ID: <20001031001024.F75251@149.211.6.64.reflexcom.com> In-Reply-To: <F228MHm5WeHv032jUTK00003889@hotmail.com>; from ntvsunix@hotmail.com on Mon, Oct 30, 2000 at 07:37:19AM %2B0000 References: <F228MHm5WeHv032jUTK00003889@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 30, 2000 at 07:37:19AM +0000, Some Person wrote:
> Sorry if its a repeat, last msg bounced back for some off reason.
>
> Quick question. Has anyone done transparent (ipless) bridging in FreeBSD
> with IPFW? If so, the thing I'm wondering about is, what would you put for
> $oip=? 0.0.0.0 or nothing at all?
Are you talking about the variables in the "simple" firewall? That is
a starting point for a routing firewall. You probably want to start
almost from scratch. However, I would think $oip = $iip would be the
best answer.
> Also, like in OpenBSD with IPFilter, doing transparent bridging you had to
> filter in one direction only, pass in on <if> internal/external. Wondering
> if it's the same for IPFW?
$ man ipfw
.
.
.
Each incoming or outgoing packet is passed through the ipfw rules. If
host is acting as a gateway, packets forwarded by the gateway are pro-
cessed by ipfw twice. In case a host is acting as a bridge, packets for-
warded by the bridge are processed by ipfw once.
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001031001024.F75251>