From owner-freebsd-ipfw Thu Oct 17 12:14:59 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 52A2B37B401 for ; Thu, 17 Oct 2002 12:14:58 -0700 (PDT) Received: from mta4.srv.hcvlny.cv.net (mta4.srv.hcvlny.cv.net [167.206.5.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id C594E43E42 for ; Thu, 17 Oct 2002 12:14:57 -0700 (PDT) (envelope-from agapon@excite.com) Received: from edge.foundation.invalid (ool-182f90f3.dyn.optonline.net [24.47.144.243]) by mta4.srv.hcvlny.cv.net (iPlanet Messaging Server 5.2 HotFix 0.9 (built Jul 29 2002)) with ESMTP id <0H4500LYB3ILR8@mta4.srv.hcvlny.cv.net> for freebsd-ipfw@freebsd.org; Thu, 17 Oct 2002 15:01:33 -0400 (EDT) Received: from localhost (localhost.foundation.invalid [127.0.0.1]) by edge.foundation.invalid (8.12.6/8.12.3) with ESMTP id g9HJ1W3S001159 for ; Thu, 17 Oct 2002 15:01:32 -0400 (EDT envelope-from agapon@excite.com) Date: Thu, 17 Oct 2002 15:01:32 -0400 (EDT) From: Andriy Gapon Subject: IPFIREWALL_DEFAULT_TO_ACCEPT and bridge X-X-Sender: avg@edge.foundation.invalid To: freebsd-ipfw@freebsd.org Message-id: <20021017145455.O1073-100000@edge.foundation.invalid> MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Content-transfer-encoding: 7BIT Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In the situation of host with 3 interfaces and bridging done between two of them, when would I need IPFIREWALL_DEFAULT_TO_ACCEPT kernel option ? Is it only if I want filter bridged traffic ? Will this option allow all non-ip traffic with IPFW2 or do I need add the rule for non-ip traffic before 'deny everything' rule ? -- Andriy Gapon * "I do not know myself, and God forbid that I should." Johann Wolfgang von Goethe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message