From owner-freebsd-current@FreeBSD.ORG Thu Sep 25 04:12:13 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0C92A1065691 for ; Thu, 25 Sep 2008 04:12:13 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id AB4EE8FC15 for ; Thu, 25 Sep 2008 04:12:12 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=UYbBQ/3gC8G8yn7D9R0Mso6h47VnyEvcEz1OvqhNi8oAFY1dZGulSTfubNnOglPNLwgSIP2EergHdZFFTUa9YIPu1nJeG6YIh5Xl8DEtxAY1DAkiR3Y7MfZtw6b8OYxWU4L6oonwp8gbFRlz/GyjxvkTaAeQTMtRcUVp2YASdNg=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1KiiD4-0009DG-M2; Thu, 25 Sep 2008 08:12:10 +0400 Date: Thu, 25 Sep 2008 08:12:09 +0400 From: Eygene Ryabinkin To: Michael Proto Message-ID: References: <48C1E43C.1010902@jellydonut.org> <1de79840809240710q5222645ar4549d96a457d7614@mail.gmail.com> <1de79840809240745k4bb9d7bekb3f96812e109d035@mail.gmail.com> <1de79840809241005o17ce674w21df25a0a310f0ec@mail.gmail.com> <1de79840809241812v1281077ckb0cb5382cf7d6422@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="lRF4gxo9Z9M++D0O" Content-Disposition: inline In-Reply-To: <1de79840809241812v1281077ckb0cb5382cf7d6422@mail.gmail.com> Sender: rea-fbsd@codelabs.ru Cc: FreeBSD Current Subject: Re: sysctls and if_bridge X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2008 04:12:13 -0000 --lRF4gxo9Z9M++D0O Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Michael, good day. Wed, Sep 24, 2008 at 09:12:04PM -0400, Michael Proto wrote: > Manually setting the bridge0 MAC to something other than the wan did work. > Rebuilt kernel with if_bridge.c rev 1.117 and the bridge0 MAC is now > randomly-generated again, and works as well. Glad to hear. > Thanks for the help! You're welcome ;)) > I also now see the net.link.bridge.inherit_mac sysctl as specified in the > commit. Just curious, but would this be useful in situations where > pfil_member is 1 and pfil_bridge is 0? It depends on one's needs, as usual, but perhaps it won't be very useful if you'll decide to filter on _all_ bridge members. Having two interfaces with the same MACs within the bridge poses some problems in the case of a locally-destined packets, but sysctl net.link.bridge.pfil_local_phys can help with those. Filtering rules for packets that are traversing the bridge shouldn't be harmed by MAC inheritance, unless I am missing something. --=20 Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual =20 )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook=20 {_.-``-' {_/ # --lRF4gxo9Z9M++D0O Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkjbD5kACgkQthUKNsbL7YiTHACgoT15lsV7KbOY6ge61ZerEKdF ReYAnRKJMX+93XBuA1gn/Uc83y4IPSAC =XkKR -----END PGP SIGNATURE----- --lRF4gxo9Z9M++D0O--