From owner-freebsd-net@FreeBSD.ORG Fri May 25 00:05:02 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5034B16A400 for ; Fri, 25 May 2007 00:05:02 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outM.internet-mail-service.net (outM.internet-mail-service.net [216.240.47.236]) by mx1.freebsd.org (Postfix) with ESMTP id 3AEB113C45B for ; Fri, 25 May 2007 00:05:02 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Thu, 24 May 2007 17:05:01 -0700 Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 7F8DF125A24; Thu, 24 May 2007 17:05:00 -0700 (PDT) Message-ID: <46562834.5070007@elischer.org> Date: Thu, 24 May 2007 17:05:08 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) MIME-Version: 1.0 To: G E E K References: <465626CF.9030907@elischer.org> In-Reply-To: <465626CF.9030907@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: antonio.tommasi@unile.it, freebsd-net@freebsd.org Subject: Re: Bridge transparent proxy X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 May 2007 00:05:02 -0000 Julian Elischer wrote: > G E E K wrote: >> >> >> Did you check if the bridge.ko and ipfw.ko modules are loaded with the >> kernel or not? >> >> Regards, >> Saleh >> >> >>> From: Antonio Tommasi >>> To: freebsd-net@freebsd.org >>> Subject: Bridge transparent proxy >>> Date: Thu, 24 May 2007 07:06:54 +0200 >>> >>> Hi to all i'm trying to installa a bridge transparent proxy on a >>> freebsd 6.2 with ipfw and squid. >>> I have two machine; >>> on the first one i've enabled option bridge in kernel option and >>> then i've recompile it and set variable sysctl in /etc/sysctl.conf >>> on the second i've set bridge_load module on the boot/loader.conf and >>> set the same variable from above in /etc/sysctl.conf >>> Naturally i've used the correct name of network interface in the >>> configuration file on the two machine. >>> I've the same configuration in firewall rules and squid in the two >>> machine. >>> It works only on the machine with the kernel recompiled with bridge >>> module. >>> Somebody can help me? >>> Thanks in advance >>> Antonio > > you can not do 'fwd' in a bridge. > (I assume htat is what you want to do) > you need to be routing.. > > bridges do everythign at layer2 > fwd only works at layer3. I just reread the original mail.. I'm surprised it works on the fully compiled in machine.. but assuming that what you do does work, then It could be that unless you compile it fully, you will not get IP_FIREWALL_FORWARD so the IP stack will not have the appropriate changes in it. > > >>> _______________________________________________ >>> freebsd-net@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> _________________________________________________________________ >> Express yourself instantly with MSN Messenger! Download today it's >> FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"