Date: Wed, 4 May 2005 17:15:21 +0200 From: Jose M Rodriguez <josemi@freebsd.jazztel.es> To: "Undisclosed.Recipients": ; Cc: net@freebsd.org Subject: Re: ipfw broken with bridge under 5.x (5.3 and 5.4) Message-ID: <200505041715.22110.josemi@freebsd.jazztel.es> In-Reply-To: <200505041647.33609.josemi@freebsd.jazztel.es> References: <20050502200413.GB46745@genius.tao.org.uk> <20050504142425.GB710@genius.pact.cpes.susx.ac.uk> <200505041647.33609.josemi@freebsd.jazztel.es>
index | next in thread | previous in thread | raw e-mail
El Miércoles, 4 de Mayo de 2005 16:47, Jose M Rodriguez escribió: > El Miércoles, 4 de Mayo de 2005 16:24, Josef Karthauser escribió: > > It appear that ipfw doesn't work with bridge in 5.3 and 5.4. The > > symptoms are that the bridge stops forwarding packets altogether, > > for me a few minutes after it is set up. It takes a > > > > # net.link.ether.bridge_ipfw=0 && sleep 5 && > > net.link.ether.bridge_ipfw=1 > > > > to get it back up and running, which it does, but only for a few > > minutes before it stops working again. The five second sleep is > > sometimes too long, and sometimes not enough time. > > > > Would someone in the know be able to help me to trouble shoot it? > > (I'm scared of ipfw! :). > > > > Thanks! > > Joe > > Are your rules stopping arp or so? Remember make pass this kind of > traffic at layer2. > sorry, forgot the rule. Try something like this at the beginning of your ruleset: pass not ip from any to any layer2 -- josemihelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505041715.22110.josemi>