From owner-freebsd-questions  Fri Dec 31 10:26: 9 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from almazs.pacex.net (almazs.pacex.net [204.1.219.156])
	by hub.freebsd.org (Postfix) with ESMTP id 8DF3D14C3D
	for <freebsd-questions@FreeBSD.ORG>; Fri, 31 Dec 1999 10:26:07 -0800 (PST)
	(envelope-from danielb@almazs.pacex.net)
Received: from localhost (danielb@localhost)
	by almazs.pacex.net (8.9.3/8.9.3) with ESMTP id KAA02559;
	Fri, 31 Dec 1999 10:26:00 -0800 (PST)
Date: Fri, 31 Dec 1999 10:26:00 -0800 (PST)
From: daniel B <danielb@almazs.pacex.net>
To: Ludo Koren <lk@tempest.sk>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: FreeBSD KERNEL GURUs; Kernel Bridging HELP!
In-Reply-To: <199912301756.SAA41424@lk.tempest.sk>
Message-ID: <Pine.BSF.4.10.9912311020300.2504-100000@almazs.pacex.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



On Thu, 30 Dec 1999, Ludo Koren wrote:

> 
> 
>      > To start-with I set the firewall 'open' and all machines were
>      > able to ping each other and I was able to even browse the net
>      > from my local LAN BUT there seems to be problem passing packets
>      > from 'ROUTER' to fxp0 VIA fxp1
>   
>      >  ROUTER----fxp1-[ firewall ]-fxp0----[ LAN ]
> 
>      > some UDP and ICMP packets don't make it from outside(Internet)
>      > to my inside LAN as a result web browsing stalls.  I have tried
>      > to use 'ipfw fwd' rule to forward packets from LAN to router
>      > via fxp1 and vise versa but 'ipfw fwd' seems to work only in
>      > one directions.  Has anybody tried setting up kernel bridging
>      > in FreeBSD that they would like to share with me?  How can I
>      > forward packets between two interfaces in the same box without
>      > routing?
> 
> for the moment forwarding is not working together with bridging, AFAIK.
> The purpose of the 
> 
> sysctl -w net.link.ether.bridge_ipfw=1
> 
> command is to enable dummynet via ipfw. Bridging with open firewall is
> working for me (I have xl0 interface with inet address and ep0
> interface without inet address).
> 

Correct me if I am wrong, dummynet is for use with NAT and if all my
machines have real IPs I don't need to NAT. The problem I am facing is
that I do not want to split my IP subnet any further for the purpose of
routing therefore I need to do kernel bridging.
I assume your ep0 interface (without IP) is connected directly to a router
and is your external interface on the firewall box?

Thanks
and happy new century!

Dan

 > Regards, > ludo



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message