From owner-freebsd-current@FreeBSD.ORG Fri Jun 18 18:26:21 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE09616A4CE for ; Fri, 18 Jun 2004 18:26:21 +0000 (GMT) Received: from mail.comita.spb.ru (mail.comita.spb.ru [213.182.169.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C02243D45 for ; Fri, 18 Jun 2004 18:26:21 +0000 (GMT) (envelope-from postfix@sendmail.ru) Received: by mail.comita.spb.ru (Postfix, from userid 1116) id 0CF4E1AE03; Fri, 18 Jun 2004 22:26:09 +0400 (MSD) Received: from localhost (ppp-dialup-16.atcom.spb.ru [213.182.168.16]) by mail.comita.spb.ru (Postfix) with ESMTP id 3FC8F1AB3F for ; Fri, 18 Jun 2004 22:26:07 +0400 (MSD) X-AntiVirus: Checked by Dr.Web [version: 4.31a, engine: 4.31b, virus records: 50892, updated: 12.06.2004] Date: Fri, 18 Jun 2004 22:23:02 +0400 From: Toxa Organization: toxahost X-Priority: 3 (Normal) Message-ID: <308572066.20040618222302@sendmail.ru> To: current@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam: Ham, tests=bogofilter, spamicity=0.00e+00, version=0.17.2 Subject: -current BRIDGE and PF X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Toxa List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jun 2004 18:26:22 -0000 Due to the fact that pf and altq are in the base system in -current, I have decided to move my bridged router back from openbsd to freebsd (well, it's not heavy-loaded bridge, so possible -current odds is acceptable, and it's a good chance to test -current in production environment). But as I can see, it's still unable to use pf on bridged router. There's no sysctl value for enabling pf in bridge, bridge working but packets doesn't goes through pf, all counters (pfctl -vsr) are zeros, everything passed throuth gateway like there's no firewall on it at all. Am I right? Is pf still unable to work on bridge?