From owner-freebsd-net Fri Dec 15 3:10:52 2000
From owner-freebsd-net@FreeBSD.ORG Fri Dec 15 03:10:50 2000
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mail.interware.hu (mail.interware.hu [195.70.32.130])
	by hub.freebsd.org (Postfix) with ESMTP id 71FAF37B400
	for ; Fri, 15 Dec 2000 03:10:49 -0800 (PST)
Received: from monrovia-31.budapest.interware.hu ([195.70.53.223] helo=elischer.org)
	by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian))
	id 146slD-0002GV-00; Fri, 15 Dec 2000 12:10:47 +0100
Sender: julian@FreeBSD.ORG
Message-ID: <3A39FC10.CD52AB65@elischer.org>
Date: Fri, 15 Dec 2000 03:10:08 -0800
From: Julian Elischer
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386)
X-Accept-Language: en, hu
MIME-Version: 1.0
To: Clark Gaylord
Cc: freebsd-net@freebsd.org
Subject: Re: non-learning bridge for pathological network
References: <20001214222838.B84586@cgaylord.async.vt.edu>
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Clark Gaylord wrote:
>
> I am interested in creating a pathological lab network with the
> following forwarding rules:
>  - three networks (A,B,C)
>  - packets from A or C are forwarded to B
>  - packets from B are forwarded to both A and C
>
> I was thinking of using BRIDGE+ipfw to create this by hacking
> bridge.c so that all dsts are UNKNOWN, then filtering via ipfw by
>    deny ip from A to C
>    deny ip from C to A
>
> Seems like this would work, but I was wondering what others' thoughts
> might be on this approach. Perhaps BRIDGE could have a (compile-time?)
> non-learning flag so that all packets get forwarded as if they are
> UNKNOWN.
>
> Oh, btw, I also want tcpdump to work on any of these interfaces. ;-)
>
> Thanks.
> Clark
> cgaylord@vt.edu
>
> ----- End forwarded message -----
>
> --
> Clark K. Gaylord
> Blacksburg, Virginia USA
> cgaylord@vt.edu
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

use the netgraph bridging.
(see the ng_bridge man page and the /usr/share/examples/netgraph
documents)

it can be loaded as modules so if you really want to you can
'hack' up your own ng-bridge module that does whatever you want, and
load that instead.

of course tcpdump still works too..

--
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000
---> X_.---._/  presently in:  Budapest
            v

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message