Date: Fri, 9 Mar 2001 08:46:43 -0600 From: "Thomas T. Veldhouse" <veldy@veldy.net> To: <arr@oceanwave.com>, <freebsd-stable@FreeBSD.ORG>, "Christopher Schulte" <christopher@schulte.org> Subject: Re: 4.2-R, bridging and ipfilter Message-ID: <002f01c0a8a7$c3e9fb30$3028680a@tgt.com> References: <5.0.2.1.0.20010308160207.02762e18@pop.schulte.org>
next in thread | previous in thread | raw e-mail | index | archive | help
IPFILTER is an alternative to IPFIREWALL. As far as I know, IPFILTER does not work on bridged packets -- so you can not firewall you LAN transparently using a IPFILTER bridge. IPFIREWALL does filter bridged packets. However, I don't believe the stateful rules processing is as robust. I was getting errors about too many states and such -- so I went back to IPFILTER using IPNAT (using bimap). Tom Veldhouse veldy@veldy.net ----- Original Message ----- From: "Christopher Schulte" <christopher@schulte.org> To: <arr@oceanwave.com>; <freebsd-stable@FreeBSD.ORG> Sent: Thursday, March 08, 2001 4:03 PM Subject: Re: 4.2-R, bridging and ipfilter > At 04:48 PM 3/8/2001 -0500, arr@oceanwave.com wrote: > >Has anyone gotten bridging and ipfilter to work together with 4.2-R? > > Question: do you mean IPFIREWALL and bridging? > > If so, yes. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002f01c0a8a7$c3e9fb30$3028680a>