Date: Sat, 03 Dec 2005 06:44:52 -0500 From: David Pierron <david@wombatsweb.com> To: freebsd-pf@freebsd.org Subject: Re: FBSD6 if_bridge Message-ID: <43918534.7070001@wombatsweb.com> In-Reply-To: <4390EEBE.5090206@freebsd.org> References: <43904815.4070805@wombatsweb.com> <43908AB1.7030107@freebsd.org> <43909B86.4050308@wombatsweb.com> <43909F53.4010905@freebsd.org> <4390C868.5010705@wombatsweb.com> <4390EEBE.5090206@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce A. Mah on 12/02/2005 8:02 PM wrote: >If memory serves me right, David Pierron wrote: > > >>Ah! I applied those settings to rc.conf and got the following results: >> >>fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 >> options=8<VLAN_MTU> >> inet6 xxxx::xxx:xxxx:xxxx:xxxx%fxp0 prefixlen 64 scopeid 0x1 >> ether xx:xx:xx:xx:xx:xx >> media: Ethernet autoselect (none) >> status: no carrier >>fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 >> options=8<VLAN_MTU> >> inet6 xxxx::xxx:xxxx:xxxx:xxxx%fxp1 prefixlen 64 scopeid 0x2 >> ether xx:xx:xx:xx:xx:xx >> media: Ethernet autoselect (none) >> status: no carrier >> >> > >OK, this looks better. No guarantees but I'm pretty sure it would never >have worked before. Hopefully this will at least get you closer. > Bah! Left my IP address in there, but heck ... Who can't look at email headers? >> can't wait until the wee hours to test this! They do seem to have >>IPV6 addresses ... Can I shut that off? Comment out IPV6 in the >>kernel? I don't need IPV6 ... >> >> > >If you really want them gone, then you probably need to comment out IPv6 >from your kernel. > > Since I don't need it at all, I think good to remove from the kernel so nothing is an issue ... Saves me on the ruleset typing and it won't generate those rules needlessly ... While composing I was compiling the new kernel ... Commenting out IPV6 and removing "inet" from the rule did the trick ... It no longer produces 2 rules ... >>Anyway, I'll report on the ifconfig_inf(x)="up" and see if that is the ticket ... >> >> >Looking forward to hearing the good news... > Excuse my French but, OMFG! That was it! I had seen that as part of the OBSD setup ... but I thought that was the way OBSD worked or something because these statements were not necessary for the IPFW BRIDGE setup I have in place now ... I stuffed those CAT5 puppies into the NICs for about 5 minutes maybe ... Got 4100 lines of blocks from the two interfaces ... (They were all "block in" btw) ... Here I thought there wasn't that much traffic at this time of the AM ... Now will compose a ruleset before I start using it again ... Viewing with tcpdump -n -e -ttt -r /var/log/pflog ... WAY more detailed than the IPFW BRIDGE ... Just seeing the DNS queries to the name servers ... NEAT! I even see how noisy the Windows machines are ... so many broadcasts ... I have a colo here, and I see he has DHCP running ... Why? I will ask him later today ... Thanks ever so much! I popped your name in the HOW-TO I am creating @ http://test.davidpierron.com/fbsd-pf.php
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43918534.7070001>