From owner-freebsd-pf@FreeBSD.ORG Mon Apr 28 11:10:17 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA2A11065679 for ; Mon, 28 Apr 2008 11:10:17 +0000 (UTC) (envelope-from freebsd@violetlan.net) Received: from mail.violetlan.net (ns1.violetlan.net [80.81.242.5]) by mx1.freebsd.org (Postfix) with ESMTP id 2EBDF8FC19 for ; Mon, 28 Apr 2008 11:10:16 +0000 (UTC) (envelope-from freebsd@violetlan.net) Received: from mail.violetlan.net (localhost [127.0.0.1]) by mail.violetlan.net (Postfix) with ESMTP id EC08711460; Mon, 28 Apr 2008 12:12:05 +0100 (BST) Received: from www.violetlan.net (mbali.violetlan.net [10.0.100.150]) by mail.violetlan.net (Postfix) with ESMTP id A0C0611426; Mon, 28 Apr 2008 12:12:05 +0100 (BST) Received: from 217.41.34.61 (SquirrelMail authenticated user freebsd@violetlan.net) by www.violetlan.net with HTTP; Mon, 28 Apr 2008 12:10:58 +0100 (BST) Message-ID: <55812.217.41.34.61.1209381058.squirrel@www.violetlan.net> In-Reply-To: <20080428083555.GA81953@eos.sc1.parodius.com> References: <56784.217.41.34.61.1209369426.squirrel@www.violetlan.net> <20080428083555.GA81953@eos.sc1.parodius.com> Date: Mon, 28 Apr 2008 12:10:58 +0100 (BST) From: "Reinhold" To: "Jeremy Chadwick" User-Agent: SquirrelMail/1.5.1 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-pf@freebsd.org Subject: Re: load balancing and bridging ath0 with re0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2008 11:10:17 -0000 On Mon, April 28, 2008 09:35, Jeremy Chadwick wrote: > On Mon, Apr 28, 2008 at 08:57:06AM +0100, Reinhold wrote: > >> I'm having a bit of problem with getting my wlan to access the lan. I >> have created a bridge and its working in that both wlan and lan can >> access the internet perfectly well but they can't see each other. When I >> disable pf then they can access each other. The problem is that I'm >> doing load-balancing so when I disable pf my internet stops working. > > Have you tried tinkering with the sysctls mentioned in bridge(4)? There > are even more available on RELENG_7, in the case you're using something > older. > Hi I forgot to mention that I'm using RELENG_7_0 I have played with sysctl here is what are now # sysctl net.link.bridge net.link.bridge.ipfw: 0 net.link.bridge.log_stp: 0 net.link.bridge.pfil_local_phys: 0 net.link.bridge.pfil_member: 1 net.link.bridge.pfil_bridge: 1 net.link.bridge.ipfw_arp: 0 net.link.bridge.pfil_onlyip: 0 I've changed net.link.bridge.pfil_onlyip from 1 to 0 with no affect and I tried net.link.bridge.pfil_local_phys 0 to 1 but then all access to the internet stopped so I had to change it back to 0