Date:      Tue, 8 Nov 2011 09:54:40 -0600
From:      Korodev <>
Subject:   Protecting bridge interface via external interface and IPFW
Message-ID:  <>

I'm currently running a typical bridge setup on 8.2 with if_bridge and
ipfw (tunings below) and I've set up a libpcap tool to monitor packets
traversing the bridge interface. I've got some traffic that I don't want
the tool to see, so I've firewalled it off using ipfw. However, it
appears that no matter how I tune my sysctl knobs, the bridge
interface will always see the packet regardless of whether or not it's
blocked by ipfw at the external physical interface. I have played with
pfil_member, and seen no changes in this activity.

Are there any modifications, whether it be patches, sysctl tunings, or
virtual interface trickery to allow IPFW to act as a "shield" to my
libpcap program?

Here are my sysctl tunings: 1 0 0 0

Edit: It looks like I have the exact same question as this individual
that was never answered on the forums:

