From owner-freebsd-questions  Tue Apr 13 10:25:42 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from chat.ecp.fr (chat.ecp.fr [138.195.33.30])
	by hub.freebsd.org (Postfix) with ESMTP id DE91B1576D
	for <questions@freebsd.org>; Tue, 13 Apr 1999 10:25:32 -0700 (PDT)
	(envelope-from dae@via.ecp.fr)
Received: from via.ecp.fr (daette.via.ecp.fr [138.195.137.130])
          by chat.ecp.fr (8.8.8/jtpda-5.3) with ESMTP id TAA03856
          ; Tue, 13 Apr 1999 19:25:57 +0200 (MET DST)
Message-ID: <37137E91.FD228656@via.ecp.fr>
Date: Tue, 13 Apr 1999 19:27:45 +0200
From: Andres <dae@via.ecp.fr>
Organization: ZoY
X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 3.1-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Mariusz Potocki <mariusz@ovitanutricia.com.pl>
Cc: Guy Helmer <ghelmer@scl.ameslab.gov>, questions@freebsd.org
Subject: Re: bridging
References: <XFMail.990413090330.mariusz@ovitanutricia.com.pl>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mariusz Potocki wrote:

> Will you be so kind and mail me these patches ?
> Do your bridge work without IP assigning to NIC ? What about bridging IPX
> traffic ?

i have 2 nics and only one has an ip assigned, but i've read (don't
remember where) that assigning an ip to the other nic shouldn't be a
problem, i haven't tested it though.

if i understood correctly ip_fw.c the only thing the ipfirewall is aware
of is ip packets, and all the other packets go to the default rule. so
if you want to enable filtering with bridging, you have to put an open
default rule, or your arp packets won't pass the firewall (as they
aren't over ip). you can do that by adding this to the kernel config:
options IPFIREWALL_DEFAULT_TO_ACCEPT
with this every packet that is not matched by the firewall rules
(including arp, ipx, appletalk, whatever) will be bridged.

as for the patch, guy has just committed it into 3.1-stable, so just
cvsup to the latest stable. guy, i've just cvsupped and compiled a
kernel, if_ep.c bridging seems to be working right here. thanks a lot
:-)

as this might interest others as well, i've cc'ed questions@freebsd.org,
i hope this is not a problem.

regards,
	Andres


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message