From owner-freebsd-security Tue Mar 13 23:42: 0 2001 Delivered-To: freebsd-security@freebsd.org Received: from luke.macfat.dk (port3.ds1-taa.adsl.cybercity.dk [212.242.189.68]) by hub.freebsd.org (Postfix) with ESMTP id 0A59137B719 for ; Tue, 13 Mar 2001 23:41:53 -0800 (PST) (envelope-from macfat@macfat.dk) Received: by luke.macfat.dk (Postfix, from userid 1001) id CDFED55416; Wed, 14 Mar 2001 08:41:51 +0100 (CET) Date: Wed, 14 Mar 2001 08:41:51 +0100 From: Rene Pedersen To: Craig Chaney Cc: freebsd-security@freebsd.org Subject: Re: Bridging only 2 interfaces??? Message-ID: <20010314084151.A93208@luke.macfat.dk> References: <001501c0ac43$49dcfe60$a3b746a6@cook> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001501c0ac43$49dcfe60$a3b746a6@cook>; from cookfire@xmission.com on Tue, Mar 13, 2001 at 09:57:35PM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Mar 13, 2001 at 09:57:35PM -0700, Craig Chaney wrote: > I have set up a bridging firewall that has 3 interfaces. One of the > interfaces is the protected side of the machine, one is the internet side of > the machine, and the third is an interface in to my local network for > management purposes. Is it possible to set up the machine to bridge just the > interfaces not connected to the local network? If so how? You should have a look at sysctl net.link.ether.bridge_cfg where you can define which interfaces that are bridged eg: sysctl -w net.link.ether.bridge_cfg: fxp0:1,fxp1:1,fxp2:0, which will bridge on fxp0 and fxp1 but not fxp2 // Rene -- Micro$oft is not the answer, Micro$oft is the question, the answer is no. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message