From owner-freebsd-questions  Wed Dec 29 10:18:55 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from almazs.pacex.net (almazs.pacex.net [204.1.219.156])
	by hub.freebsd.org (Postfix) with ESMTP id 8BAB71500D
	for <freebsd-questions@freebsd.org>; Wed, 29 Dec 1999 10:18:53 -0800 (PST)
	(envelope-from danielb@almazs.pacex.net)
Received: from localhost (danielb@localhost)
	by almazs.pacex.net (8.9.3/8.9.3) with ESMTP id KAA41369
	for <freebsd-questions@freebsd.org>; Wed, 29 Dec 1999 10:18:53 -0800 (PST)
Date: Wed, 29 Dec 1999 10:18:53 -0800 (PST)
From: daniel B <danielb@almazs.pacex.net>
To: freebsd-questions@freebsd.org
Subject: FreeBSD KERNEL GURUs; Kernel Bridging HELP!
Message-ID: <Pine.BSF.4.10.9912290946340.41261-100000@almazs.pacex.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi folks;
I am trying to implement kernel bridging on a FreeBSD-3.3-STABLE machines
that are sitting on the same subnet for the purpose of using IPFW.
Simply:

Internet---ROUTER---[firewall]---[hub]-----LAN--.
                    ^        ^   
                   fxp1     fxp0
fxp0 has a real IP assigned and fxp1 is directly connected to router by
cross-over ethernet cable no IP assigned. all LAN machines have real IP

kernel compiled with:
options		BRIDGE
options		IPFIREWALL
options		IPFIREWALL_VERBOSE
options		IPFIREWALL_FORWARD

also at startup:
sysctl -w net.link.ether.bridge=1
sysctl -w net.link.ether.bridge_ipfw=1

To start-with I set the firewall 'open' and all machines were able to ping
each other and I was able to even browse the net from my local LAN BUT
there seems to be problem passing packets from 'ROUTER' to fxp0 VIA fxp1
  
 ROUTER----fxp1-[ firewall ]-fxp0----[ LAN ]

some UDP and ICMP packets don't make it from outside(Internet) to my
inside LAN as a result web browsing stalls.
I have tried to use 'ipfw fwd' rule to forward packets from LAN to router
via fxp1 and vise versa but 'ipfw fwd' seems to work only in one
directions.
Has anybody tried setting up kernel bridging in FreeBSD that they would
like to share with me?
How can I forward packets between two interfaces in the same box without
routing?

Thank you and happy new year!

Dan



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message