From owner-freebsd-pf@FreeBSD.ORG  Fri Aug 12 22:40:57 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 027E116A41F;
	Fri, 12 Aug 2005 22:40:57 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 23B5543DA5;
	Fri, 12 Aug 2005 22:40:46 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from tatooine.tataz.chchile.org
	(vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98])
	by postfix4-1.free.fr (Postfix) with ESMTP id BEDCC317FB6;
	Sat, 13 Aug 2005 00:40:45 +0200 (CEST)
Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000)
	id EDFF9405B; Sat, 13 Aug 2005 00:40:55 +0200 (CEST)
Date: Sat, 13 Aug 2005 00:40:55 +0200
From: Jeremie Le Hen <jeremie@le-hen.org>
To: Max Laier <max@love2party.net>
Message-ID: <20050812224055.GF45385@obiwan.tataz.chchile.org>
References: <1123858936.22864.252.camel@torgau.office.netline.net.uk>
	<1123861547.22864.256.camel@torgau.office.netline.net.uk>
	<200508121751.27737.max@love2party.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200508121751.27737.max@love2party.net>
User-Agent: Mutt/1.5.9i
Cc: Andrew Thompson <thompsa@FreeBSD.org>, freebsd-pf@freebsd.org
Subject: Re: Bridge and PF
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2005 22:40:58 -0000

Hi,

> This is not true.  As Scott suggested try if_bridge in 6.0 which has both
> IPv6 
> and full pf support.  Additionally, pf is supported by the old bridge just 
> use the same settings you would use for ipf.  The old bridge does not allow 
> for stateful filtering however.  The same is true for ipf and ipfw with the 
> old bridge code.

Does if_bridge generally support PF_HOOKS (thus one can use ipfw),
or is it strictly bound to pf ?

Thanks.
Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >