From owner-freebsd-hackers Tue Nov 28 4:31:58 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id E705737B402 for ; Tue, 28 Nov 2000 04:31:55 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id eASCVpN47491; Tue, 28 Nov 2000 04:31:51 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200011281231.eASCVpN47491@iguana.aciri.org> Subject: Re: bridge + ipfw In-Reply-To: from Camson Huynh at "Nov 28, 2000 11: 8:16 pm" To: Camson.Huynh@eBioinformatics.com (Camson Huynh) Date: Tue, 28 Nov 2000 04:31:51 -0800 (PST) Cc: rizzo@aciri.org, hackers@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > The above doesn't explain why everything work under ne2000 cards but not intel > etherexpress pro 100. Same set of rules allow arp entries through ne2000 cards > but not intel. Also from /etc/rc.firewall that came with FreeBSD 4.2: > # If you're using 'options BRIDGE', uncomment the following line to pass ARP > #${fwcmd} add 300 pass udp from 0.0.0.0 2054 to 0.0.0.0 > which I've done. Unless the rc.firewall file is out of date. My set of rules it is out of date, yes. that command does not have the special meaning anymore. sure it does not explain why ne2000 work and fxp do not, but from the symptoms i really suspect some ipfw misconfiguration rather than a problem in the operating system luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message