From owner-freebsd-hackers Thu Sep 27 15: 2:11 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from tsunami.acidpit.org (tsunami.acidpit.org [206.190.163.234]) by hub.freebsd.org (Postfix) with ESMTP id B909B37B401 for ; Thu, 27 Sep 2001 15:02:06 -0700 (PDT) Received: (from rch@localhost) by tsunami.acidpit.org (8.11.3/8.11.3) id f8RM23E23975; Thu, 27 Sep 2001 18:02:03 -0400 (EDT) (envelope-from rch@acidpit.org) Date: Thu, 27 Sep 2001 18:02:03 -0400 From: Robert Hough To: Julian Elischer Cc: freebsd-hackers@freebsd.org Subject: Re: ng_bridge Message-ID: <20010927180203.A23934@acidpit.org> References: <20010927165304.C23689@acidpit.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from julian@elischer.org on Thu, Sep 27, 2001 at 15:39:45 -0700 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Sep 27, 2001, Julian Elischer wrote: > well, maybe if you told us what you modified, and what happenned..... $ diff /usr/share/examples/netgraph/ether.bridge ~/eth_bridge.sh 41,42c41,42 < BRIDGE_IFACES="ed0 fxp0 fxp1" < LOCAL_IFACE="fxp0" --- > BRIDGE_IFACES="vx0 vx1" > LOCAL_IFACE="" As far as what happened, it basically made everything connected to that hub unreachable by everything else. Other settings are to follow: # kernel config options BRIDGE options DUMMYNET options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT # /etc/sysctl.conf net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 No interface was configured with an IP address on the box at the time. The only ipfirewall rule in use was the default_accept. Thanks. -- Robert Hough (rch@acidpit.org) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message