Date: Mon, 24 May 2004 22:58:52 +0200 From: Christian Hiris <4711@chello.at> To: freebsd-questions@freebsd.org Cc: ipfw@freebsd.org Subject: Re: What's the "bridged" option in ipfw's man page ? Message-ID: <200405242259.05178.4711@chello.at> In-Reply-To: <20040524110443.70695.qmail@web40602.mail.yahoo.com> References: <20040524110443.70695.qmail@web40602.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_YImsAYlY1X11BLE
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Monday 24 May 2004 13:04, Supote Leelasupphakorn wrote:
> Hi... lists,
>
> I've read the "ipfw" man page and in the "RULE OPTION"
> There is "bridged" option there. I'm currently set the
> bridge-base firewall so my question is what's the bridged
> packets and how much I take advantage from this option ?
>
> TIA,
> pjn
The rule option "bridged" is used as an alias for "layer2" by the ipfw=20
command.=20
Some interesting points written in "PACKET FLOW" in man ipfw and "BUGS" in =
man=20
bridge.
Examples how the layer2 rule option could be used (I have not tested them, =
you=20
can find some more on google):
${fwcmd} add pass layer2 mac-type arp // allow arp
${fwcmd} add skipto 20000 layer2 // goto rules for bridged packets
${fwcmd} add [...] // rules for non-bridged packets
${fwcmd} add deny all from any to any // end of rules for non-bridged pack=
ets
${fwcmd} add 20000 [...] // rules for bridged packets=20
regards
ch
--Boundary-02=_YImsAYlY1X11BLE
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQBAsmIYcyi/EZQbawsRAs4UAJ4mwPgGGQMVgVbPwHBKclJtRs4dWQCfbGX0
2rUJD+qYwTylNVHBb4AkY3s=
=xNEd
-----END PGP SIGNATURE-----
--Boundary-02=_YImsAYlY1X11BLE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405242259.05178.4711>