From owner-freebsd-security Wed Mar 14 0:31:45 2001 Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (f113.law7.hotmail.com [216.33.237.113]) by hub.freebsd.org (Postfix) with ESMTP id 2299237B71B for ; Wed, 14 Mar 2001 00:31:41 -0800 (PST) (envelope-from ntvsunix@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 14 Mar 2001 00:31:41 -0800 Received: from 209.53.55.186 by lw7fd.law7.hotmail.msn.com with HTTP; Wed, 14 Mar 2001 08:31:40 GMT X-Originating-IP: [209.53.55.186] From: "Some Person" To: freebsd-security@freebsd.org Subject: Re: Bridging only 2 interfaces??? Date: Wed, 14 Mar 2001 08:31:40 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 14 Mar 2001 08:31:41.0013 (UTC) FILETIME=[31969050:01C0AC61] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Speaking of that, is it still not possible to filter bridged frames on FreeBSD with IPF? Personally IPF is my prefered choice over IPFW, although of course IPFW does have DUMMYNET.. :) Dunno if that's been changed yet, or if there's any plans for it? In the meanwhile, I've opted for OpenBSD and to be honest, I love it and haven't seen any performance penalty at all... I use FreeBSD for all other things too, but think would be kewl to have this in FreeBSD as well... Thanks. > >On Tue, Mar 13, 2001 at 09:57:35PM -0700, Craig Chaney wrote: > > I have set up a bridging firewall that has 3 interfaces. One of the > > interfaces is the protected side of the machine, one is the internet >side of > > the machine, and the third is an interface in to my local network for > > management purposes. Is it possible to set up the machine to bridge just >the > > interfaces not connected to the local network? If so how? > >You should have a look at sysctl net.link.ether.bridge_cfg where you can >define which interfaces that are bridged > >eg: sysctl -w net.link.ether.bridge_cfg: fxp0:1,fxp1:1,fxp2:0, >which will bridge on fxp0 and fxp1 but not fxp2 > >// Rene > >-- >Micro$oft is not the answer, Micro$oft is the question, the answer is no. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message