Date: Mon, 24 May 2004 22:58:52 +0200 From: Christian Hiris <4711@chello.at> To: freebsd-questions@freebsd.org Cc: ipfw@freebsd.org Subject: Re: What's the "bridged" option in ipfw's man page ? Message-ID: <200405242259.05178.4711@chello.at> In-Reply-To: <20040524110443.70695.qmail@web40602.mail.yahoo.com> References: <20040524110443.70695.qmail@web40602.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Monday 24 May 2004 13:04, Supote Leelasupphakorn wrote:
> Hi... lists,
>
> I've read the "ipfw" man page and in the "RULE OPTION"
> There is "bridged" option there. I'm currently set the
> bridge-base firewall so my question is what's the bridged
> packets and how much I take advantage from this option ?
>
> TIA,
> pjn
The rule option "bridged" is used as an alias for "layer2" by the ipfw
command.
Some interesting points written in "PACKET FLOW" in man ipfw and "BUGS" in man
bridge.
Examples how the layer2 rule option could be used (I have not tested them, you
can find some more on google):
${fwcmd} add pass layer2 mac-type arp // allow arp
${fwcmd} add skipto 20000 layer2 // goto rules for bridged packets
${fwcmd} add [...] // rules for non-bridged packets
${fwcmd} add deny all from any to any // end of rules for non-bridged packets
${fwcmd} add 20000 [...] // rules for bridged packets
regards
ch
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQBAsmIYcyi/EZQbawsRAs4UAJ4mwPgGGQMVgVbPwHBKclJtRs4dWQCfbGX0
2rUJD+qYwTylNVHBb4AkY3s=
=xNEd
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405242259.05178.4711>