From owner-freebsd-questions  Sat Jun  8  9:17:16 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from valis.olywa.net (valis.olywa.net [216.173.192.2])
	by hub.freebsd.org (Postfix) with ESMTP id 4BD4F37B401
	for <freebsd-questions@freebsd.org>; Sat,  8 Jun 2002 09:17:10 -0700 (PDT)
Received: from intrepid.snowpoint.com ([216.173.213.173])
          by valis.olywa.net (Post.Office MTA v3.5.3 release 223
          ID# 0-56662U5000L500S0V35) with ESMTP id net
          for <freebsd-questions@freebsd.org>;
          Sat, 8 Jun 2002 09:17:04 -0700
Received: from ([216.173.213.172])
        by intrepid.snowpoint.com (Merak 4.10.020) with SMTP id HUB36795;
        Sat, 08 Jun 2002 09:12:34 -0700
From: "Corey Snow" <corey@snowpoint.com>
To: freebsd-questions@freebsd.org, RJ45 <rj45@slacknet.com>
Date: Sat, 8 Jun 2002 09:17:02 -0700
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: Re: FreeBSD and ipfilter bridging
Message-ID: <3D01CB8E.7585.3BA66CA@localhost>
In-reply-to: <Pine.LNX.4.21.0206080249110.9319-100000@slacknet.slacknet.com>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On 8 Jun 2002, at 2:51, RJ45 wrote:

> 
> Hello, I Wanted to ask at which point is right now the bridging between 2
> NICs on FreeBSD and possibility to filter between them using ipf ?? I
> don't like anymore OpenBSD since it switched to PF (it does not work as
> well as ipfilter) so I wanted to switch to FreeBSD but I guess if there is
> enough support for bridging+ipfilter. any hints?
> thanks
> 

Well, I don't know about IPFILTER per se, but there is support for 
bridging + filtering using IPFIREWALL. I just set up a box to do 
that. There's tutorials on the FreeBSD site, but you kind of have to 
dig around a bit because none of them is exhaustive. Check the 
Handbook, Chapter 10 on Security. Also, read Chapter 9 on recompiling 
your kernel (you probably already can do this unless OpenBSD is 
totally different; I have no idea there). In the Docs section of the 
web site you'll find a document on Bridging which also has good info.

Like I said, I don't know about IPFILTER because I haven't used it, 
but I got a box running last night using IPFIREWALL and it works 
great. I'm using it right now, as a matter of fact- it's filtering my 
LAN traffic for me.

Regards,

Corey Snow


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message