Date: Fri, 30 Sep 2005 15:43:41 +0800 From: "Mao Shou Yan" <david.mao@thomson.net> To: "Marcin Jessa" <lists@yazzy.org> Cc: freebsd-net@freebsd.org Subject: RE: ipfw bridge + fwd questions Message-ID: <31021C278A7A6B4AB95E9A085C3552181F7608@bjngsmail01>
next in thread | raw e-mail | index | archive | help
NO, fwd can work only on layer 3 packet! -----Original Message----- From: owner-freebsd-net@freebsd.org = [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Marcin Jessa Sent: 2005=C4=EA9=D4=C230=C8=D5 15:35 To: Ganbold Cc: freebsd-net@freebsd.org Subject: Re: ipfw bridge + fwd questions On Fri, 30 Sep 2005 15:39:49 +0900 Ganbold <ganbold@micom.mng.net> wrote: > Hi, >=20 > I have a question regarding ipfw fwd rule. > I'm using FreeBSD 5.4-STABLE and running on it bridging firewall > using ipfw. >=20 > Now my question comes:) > Can I use ipfw fwd rules against traffic coming to one of the bridged=20 > interfaces? Yes you can. sysctl net.link.ether.bridge_ipfw=3D1 just like in your sysctl = variables. > I would like to forward some packets (which are destined to port > 110) > to some other router through third vr0 interface. Use a divert rule for that. In this example we send all the port 80 traffic to port 8000: # ipfw add 1000 divert 8000 tcp from any to any 80 Read this article for more info: http://freebsd.rogness.net/snort_inline/ Cheers Marcin. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?31021C278A7A6B4AB95E9A085C3552181F7608>