Date: Fri, 31 Dec 1999 10:26:00 -0800 (PST) From: daniel B <danielb@almazs.pacex.net> To: Ludo Koren <lk@tempest.sk> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD KERNEL GURUs; Kernel Bridging HELP! Message-ID: <Pine.BSF.4.10.9912311020300.2504-100000@almazs.pacex.net> In-Reply-To: <199912301756.SAA41424@lk.tempest.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 30 Dec 1999, Ludo Koren wrote: > > > > To start-with I set the firewall 'open' and all machines were > > able to ping each other and I was able to even browse the net > > from my local LAN BUT there seems to be problem passing packets > > from 'ROUTER' to fxp0 VIA fxp1 > > > ROUTER----fxp1-[ firewall ]-fxp0----[ LAN ] > > > some UDP and ICMP packets don't make it from outside(Internet) > > to my inside LAN as a result web browsing stalls. I have tried > > to use 'ipfw fwd' rule to forward packets from LAN to router > > via fxp1 and vise versa but 'ipfw fwd' seems to work only in > > one directions. Has anybody tried setting up kernel bridging > > in FreeBSD that they would like to share with me? How can I > > forward packets between two interfaces in the same box without > > routing? > > for the moment forwarding is not working together with bridging, AFAIK. > The purpose of the > > sysctl -w net.link.ether.bridge_ipfw=1 > > command is to enable dummynet via ipfw. Bridging with open firewall is > working for me (I have xl0 interface with inet address and ep0 > interface without inet address). > Correct me if I am wrong, dummynet is for use with NAT and if all my machines have real IPs I don't need to NAT. The problem I am facing is that I do not want to split my IP subnet any further for the purpose of routing therefore I need to do kernel bridging. I assume your ep0 interface (without IP) is connected directly to a router and is your external interface on the firewall box? Thanks and happy new century! Dan > Regards, > ludo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9912311020300.2504-100000>