Date: Thu, 13 Mar 2008 07:16:17 -0700
From: Chris <eagletree@hughes.net>
To: freebsd-net@freebsd.org
Subject: IPFW, DIVERT, and if_bridge
Message-ID: <759F7CF5-D47A-4431-88FF-B40FFDE0E24C@hughes.net>

Hello,

I posted a similar message to Questions but received no answer so I'm reposting a paraphrase here to see if anyone knows.

I built FreeBSD 7.0 with options DIVERT and if_bridge to see if I could make snort_inline work with the bridging firewall I'm building. I found that the divert would not direct packets to snort_inline which sounded a little like the experiences people had when they tried to do this with the pre-6.x bridge. Is it still not possible to use divert with if_bridge?

Here is what I'm seeing in ipfw.

  65000 48 7382 count ip from any to any
  65001 0 0 divert 8300 ip from any to any
  65010 48 7382 allow ip from any to any

Thank you,
Chris Pratt