Date: Sun, 25 Nov 2007 11:04:46 +0100
From: Jordi Espasa Clofent <jordi.espasa@opengea.org>
To: freebsd-pf@freebsd.org
Subject: Transparent FW: PF+briging mode
Message-ID: <474948BE.1000704@opengea.org>

Hi all,

I'm planning to build a transparent FW using PF+bridging mode; the network architecture will be:

[Internet] <-> ( xl0 ) <bridge> ( xl2 ) <-> ( switches ) <-> ( clients with /23 public IPs )

I've read a lot in this list and other places about some problems with bridging mode and PF, but I don't understand exactly where the problem is. Maybe it's an old problem solved at the present moment, because these posts were from 2004/2005 and related to 5.x:

http://lists.freebsd.org/mailman/htdig/freebsd-pf/2005-August/001369.html
http://lists.freebsd.org/mailman/htdig/freebsd-pf/2005-January/000745.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-November/001697.html

My questions are:

Is it possible to build the described architecture with _ALL_ pf features available?

Can the FW (pf) inspect and act on the packets which pass through the bridge with clients as final destination?

Are there differences related to this problem in using the 6.x or 7.x branches?

--
Thanks
Jordi Espasa Clofent