Date: Tue, 27 May 2014 21:30:42 -0400 From: Christopher Hilton <chris@vindaloo.com> To: Jim Pazarena <fquest@paz.bz> Cc: freebsd-questions@freebsd.org Subject: Re: transparent bridge ~ firewall Message-ID: <7AE311B2-271B-4600-9DBC-4EC53F970EC0@vindaloo.com> In-Reply-To: <537ADD0E.5020803@paz.bz> References: <537ADD0E.5020803@paz.bz>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_065CCFAD-692D-498B-8554-906D793FF97F Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On May 20, 2014, at 12:41 AM, Jim Pazarena <fquest@paz.bz> wrote: > Is it possible to configure fbsd so that it passes traffic thru two > nics "transparently", (with a third nic installed as the management = IP)? >=20 > So that firewall rules can be applied between those two transparent > nics? Don't want NAT, don't want routing. Just firewall "allow", = "drop", > or re-direct. >=20 > I purchased a device which uses debian to do this. I would like to > see if I can duplicate the functions on FreeBSD, my OS of choice. >=20 FreeBSD may be able to do this by building a bridge device between two = interfaces and then using pf on the individual interfaces. I'm not 100% = on the capabilities of FreeBSD's bridge devices. I do this on OpenBSD = and it works very well.=20 -- Chris --Apple-Mail=_065CCFAD-692D-498B-8554-906D793FF97F Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJThTxDAAoJEE2ar4QHIpj4B0gQAKhpOOp1cJR8sk1RgDvLI/tW O3NAwlaTfdB1+C2uy8OUIeDPMAFO2ZwoaQKKZUTVQsHyGfF4JcQzIFdknlwnFv7v iCU6wFAGbkwX7N6ernz52hT3stnawgansga2anoXgp2zXUzTntJbQm4p1Jd0KxHO U26yfkpy07QYo8PF5HI1khteWhaA3GzzhQ9UeWQpP5XmvGfOg5YDjqccZ8Ye6w3H Fv139BivpAvMR9YrmrriDw8XhoQTmode6MTypR40MuCYnfjNjpe8MkrzbyH5N4ub dIS4XlBh46iOHe5nHtSWKFByIcMN37fA4RmYIOjMd4wMNqNSXgYgSrShDBfui+W1 bgOAJYKVJ8dC0BQ3FOcyx83E4pJtj+aXBjq8w+fz6ypVqLXnD+gYxTJkXLHwaFvL n9nSjMVA+4m/TcP9YbHJpuBpf5Po+LG6yQIeCyJXq5+nQzOjwn12nBm6/+quH+t/ rm/wRoVUBiHhQRFkr1uhGR0anGxLGbjQ1g6aSz6uzVlIis2tQMbukJADAWV2uUSt ojkRGzUyWZKkfV8TZNaQ++uAvaPEHRojQXFQrQPr4EUhPl4nz6v5XzN6X5kvsx8y 6rFUroSI5ZhyxCetVMvGjCWLjlRuAHixp+oKPkfBR8i0S0Ns98zwmYIrLq/mn4E5 p9YBByRozxC2n4ZMfQtc =QaU2 -----END PGP SIGNATURE----- --Apple-Mail=_065CCFAD-692D-498B-8554-906D793FF97F--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7AE311B2-271B-4600-9DBC-4EC53F970EC0>