From owner-freebsd-questions Tue Feb 26 9:54:39 2002 Delivered-To: freebsd-questions@freebsd.org Received: from jodocus.org (c115139.upc-c.chello.nl [212.187.115.139]) by hub.freebsd.org (Postfix) with ESMTP id 7D02237B402 for ; Tue, 26 Feb 2002 09:54:36 -0800 (PST) Received: (from joost@localhost) by jodocus.org (8.11.3/8.11.3) id g1QHsXf22111; Tue, 26 Feb 2002 18:54:33 +0100 (CET) (envelope-from joost) Date: Tue, 26 Feb 2002 18:54:32 +0100 From: Joost Bekkers To: hiten@uk.FreeBSD.org Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Transparent Firewalling with FreeBSD (bridge and ipf) Message-ID: <20020226185432.A22079@bps.jodocus.org> References: <20020226114158.12986.qmail@web21107.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20020226114158.12986.qmail@web21107.mail.yahoo.com>; from hitmaster2k@yahoo.com on Tue, Feb 26, 2002 at 03:41:58AM -0800 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Feb 26, 2002 at 03:41:58AM -0800, Hiten Pandya wrote: > hi all, > > I was wondering, if it is possible to do transparent firewalling, > with BRIDGE, and IPF support in FreeBSD. Basically, I have to use > it in a fiber-optic environment, where security is a very big issue, > and a transparent firewall has been suggested. I know OpenBSD can do > this, but would be more happy to do it with FreeBSD. > Using IPF on bridged traffic is not suppoted. Using IPFW however is. However, keep in mind that only ip (as in starts with an ip header) is passed through the firewall rules. All other packets get passed. (yes, the man page claims something different here.) -- greetz Joost joost@jodocus.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message