From owner-freebsd-net@FreeBSD.ORG  Sat Jan 27 16:40:04 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1028D16A401
	for <freebsd-net@freebsd.org>; Sat, 27 Jan 2007 16:40:04 +0000 (UTC)
	(envelope-from antonio.tommasi@unile.it)
Received: from cabis.unile.it (cabis.unile.it [212.189.128.35])
	by mx1.freebsd.org (Postfix) with ESMTP id B6D6313C4A3
	for <freebsd-net@freebsd.org>; Sat, 27 Jan 2007 16:40:03 +0000 (UTC)
	(envelope-from antonio.tommasi@unile.it)
Received: from localhost (cabis [127.0.0.1])
	by cabis.unile.it (Postfix) with ESMTP id 4E32C22AF0C
	for <freebsd-net@freebsd.org>; Sat, 27 Jan 2007 17:20:49 +0100 (CET)
X-Virus-Scanned: virus/spam checker at unile.it
Received: from cabis.unile.it ([127.0.0.1])
	by localhost (cabis.unile.it [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id vxKW7c1zbCfk for <freebsd-net@freebsd.org>;
	Sat, 27 Jan 2007 17:20:49 +0100 (CET)
Received: from webmail.ilenic.unile.it (webmail.ilenic.unile.it
	[212.189.128.42])
	by cabis.unile.it (Postfix) with ESMTP id F3B0622AED8
	for <freebsd-net@freebsd.org>; Sat, 27 Jan 2007 17:20:48 +0100 (CET)
Received: from 151.50.247.45 (SquirrelMail authenticated user atommasi)
	by webmail.ilenic.unile.it with HTTP;
	Sat, 27 Jan 2007 17:20:49 +0100 (CET)
Message-ID: <10239.151.50.247.45.1169914849.squirrel@webmail.ilenic.unile.it>
Date: Sat, 27 Jan 2007 17:20:49 +0100 (CET)
From: antonio.tommasi@unile.it
To: freebsd-net@freebsd.org
User-Agent: SquirrelMail/1.4.6 [CVS]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: Filtering Bridge Traffic on layer IP
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Jan 2007 16:40:04 -0000

Hi to all,
i've configured a freebsd box bridge. This machine have 2 ethernet card
and i configure them with one ip address. I also configure firewalling
with ipfw on this box.
Is there a possibility to filter bridged traffic with ipfw on layer IP?
I need to allow some machine with some ip to access to internet and the
other not.
I cannot implemet nat-firewalling because i need to not change actual ip
configuration on my lan.
Have you any suggestion?
Thanks in advance
Antonio