Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 13 Dec 2001 18:25:04 -0800
From:      Derrick John Klise <derrick@lumiere.net>
To:        Fabrizio Ravazzini <freefabri@yahoo.it>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: Ipf & Bridging ???
Message-ID:  <20011213182504.B39897@leaf.lumiere.net>
In-Reply-To: <20011213160654.81416.qmail@web20108.mail.yahoo.com>; from freefabri@yahoo.it on Thu, Dec 13, 2001 at 05:06:54PM %2B0100
References:  <20011213160654.81416.qmail@web20108.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
From the FreeBSD section of the IPF FAQ:
(http://coombs.anu.edu.au/ipfilter/faq/IPFfreebsd.html#1)

Q. I'm having problems with bridging and FreeBSD.
A. IPF does not yet support Bridging on FreeBSD, only OpenBSD... however
Darren [Reed] plans on implementing this soon.

On Thu, Dec 13, 2001 at 05:06:54PM +0100, Fabrizio Ravazzini wrote:
> Hello all I've done a bridge between Internet and my
> DMZ:
> 		Internet
> 		   |
>                    |
>               Cisco Router
> 		   |
>                    |
> 		   |rl0
> 		FreeBSD 4.3
> 		Bridge
> 		   |rl1
>  		   |
> 		  HUB----DMZ
> 
> The bridge works very well,for example from the DMZ
> the servers in it can "see" Internet and from internet
> I can "see" the servers in the DMZ(Public Ip's).
> The problem is with ipf.
> If for example we put a simple rule in /etc/ipf.rules
> like this:
> block in quick on rl0
> 
> in order to block all the traffic going to the DMZ it
> happens that packets originated from internet they
> by-pass my bridge/firewall!
> If you ping for example the bridge they are blocked
> but if you ping a machine in the dmz it responds!
> arghhh..
> I tried to put the rules for the bridge founded in the
> Ipfilter based firewalls howto but they didn't work.
> Any Idea?
> Isn't ipfilter supported under freebsd?
> Have I to use ipfw?
> Many thanks all
> bye
> 		   
> 
> ______________________________________________________________________
> 
> Iscriviti al Meglio della Settimana, la newsletter di Yahoo!
> Per saperne di pił vai alla pagina: http://buongiorno.yahoo.it
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message

-- 
Derrick John Klise			<derrick@lumiere.net>
"I went into a general store, and they wouldn't sell me anything
specific".  -- Steven Wright

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011213182504.B39897>