Date: Thu, 25 Jul 2002 08:00:01 -0400 From: Mike Tancsa <mike@sentex.net> To: FreeBSD MAIL <freebsd@mauibuilt.com> Cc: freebsd-networking@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Vlan filtering. Message-ID: <5.1.0.14.0.20020725075401.07beb2b8@192.168.0.12> In-Reply-To: <200207250458.g6P4w2Yd048482@mauibuilt.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Why not just filter by interface that you have associated with the vlan ?
e.g. you want to block all packets from vlan 123 and your next free vlan
interface is vlan12
ifconfig vlan12 vlan 123 vlandev fxp0
ipfw add 12 deny log all from any to any via vlan12
This would effectively block all VLAN packets that are part of the 802.1q
vlan 123.
---Mike
At 06:58 PM 7/24/2002 -1000, FreeBSD MAIL wrote:
>I was wondering what it would take to get IPFW and BRIDGING to be able
>to filter 802.1q tagged vlan pakets?
>
>I know you can bridge Vlan interfcaces but ipfw dosnt seem to pick up tagged
>packets.
>
>Is there anyone working on this or has gotten this working?
>
>Thanks in advance.
>
>Richard Puga
>puga@mauibuilt.com
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020725075401.07beb2b8>