From owner-freebsd-security Sat Feb 23 23:15:31 2002 Delivered-To: freebsd-security@freebsd.org Received: from caligula.anu.edu.au (caligula.anu.edu.au [150.203.224.42]) by hub.freebsd.org (Postfix) with ESMTP id 29BD537B402 for ; Sat, 23 Feb 2002 23:15:29 -0800 (PST) Received: (from avalon@localhost) by caligula.anu.edu.au (8.9.3/8.9.3) id SAA12448; Sun, 24 Feb 2002 18:15:24 +1100 (EST) From: Darren Reed Message-Id: <200202240715.SAA12448@caligula.anu.edu.au> Subject: Re: ipf transparently To: lee.brotherston@uk.easynet.net (Lee Brotherston) Date: Sun, 24 Feb 2002 18:15:24 +1100 (Australia/ACT) Cc: freebsd-security@FreeBSD.ORG ('freebsd-security@freebsd.org') In-Reply-To: <002b01c1bcc6$a952b1c0$a2daccd9@nerds.org.uk> from "Lee Brotherston" at Feb 24, 2002 12:03:17 AM X-Mailer: ELM [version 2.5 PL1] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In some mail from Lee Brotherston, sie said: > > Apologies in advance if I'm missing something really obvious here. > But I've setup my FreeBSD box to be a bridge, and has both ipfw and > ipf compiled into the kernel. The bridging works perfectly and if I > set the following using sysctl I can filter the bridged traffic with > ipfw fine. > > net.link.ether.bridge_ipfw: 1 > > However I have not been able to find where to set a similar option to > allow ipf to filter the traffic. I tried just applying some rules > incase, and they had no effect. Someone (probably me) needs to make the bridge hooks work for ipf. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message