Date: Fri, 11 Mar 2005 11:51:50 -0800 (PST)
From: d c <casteld73@yahoo.com>
To: freebsd-isp@freebsd.org
Subject: Transparent Firewall- Bridge on 5.3
Message-ID: <20050311195150.45608.qmail@web60306.mail.yahoo.com>

I have currently set up bridging on 5.3 p5 w/o too much effort. It works as documented. However, I believe I am trying to do something that is not a function of bridging, and I wanted to run it by the experts.

Essentially I want ALL traffic to pass through the bridge. I accomplished this from the handbook. However, I would like to pick off any packets destined for port 25. Then I would like to forward them to 127.0.0.1:10025.

From the googling I have done I have seen notes mentioning the bridge not handling "fwd" with ipfilter.

Here is the rule I am using:

    ipfw add 100 fwd 127.0.0.1,10025 tcp from not me to any 25

If I log it, it does show up in /var/log/security.

1. Is there a special directive I need to use when processing layer 3 on a layer 2 bridge?
2. Is the fwd command supported?

Goal: Have a transparent device that intercepts all email and hands off to clamsmtp, which is listening on 127.0.0.1:10025.

Issue: Packets do not seem to be making it to clamsmtp for processing.

Also: Does handing off to the loopback on a bridge cause any problems? Could I be making an infinite loop? Any way to set the rule to process in one direction only on a bridge?

Any advice / help / questions / comments would be greatly appreciated.

TIA