From owner-freebsd-hackers  Thu Sep 27 15:24:34 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9])
	by hub.freebsd.org (Postfix) with ESMTP id E2BB737B405
	for <freebsd-hackers@freebsd.org>; Thu, 27 Sep 2001 15:24:29 -0700 (PDT)
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA67194;
	Thu, 27 Sep 2001 16:07:20 -0700 (PDT)
Date: Thu, 27 Sep 2001 16:07:19 -0700 (PDT)
From: Julian Elischer <julian@elischer.org>
To: Robert Hough <rch@acidpit.org>
Cc: freebsd-hackers@freebsd.org
Subject: Re: ng_bridge
In-Reply-To: <20010927180203.A23934@acidpit.org>
Message-ID: <Pine.BSF.4.21.0109271605320.65838-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

BRIDGE/DUMMYNET/net.link.ether.bridge=1/net.link.ether.bridge_ipfw=1
is one set of bridging code
ng_bridge is a completely separate (in my opinion, better, but I'm 
biased) setr of code.

they might interract if you turn them both on at the same time....


On Thu, 27 Sep 2001, Robert Hough wrote:

> On Thu, Sep 27, 2001, Julian Elischer wrote:
> 
> > well, maybe if you told us what you modified, and what happenned.....
> 
> $ diff /usr/share/examples/netgraph/ether.bridge ~/eth_bridge.sh
> 41,42c41,42
> < BRIDGE_IFACES="ed0 fxp0 fxp1"
> < LOCAL_IFACE="fxp0"
> ---
> > BRIDGE_IFACES="vx0 vx1"
> > LOCAL_IFACE=""
> 
> As far as what happened, it basically made everything connected to that
> hub unreachable by everything else. Other settings are to follow:
> 
> 
> # kernel config
> options		BRIDGE
> options		DUMMYNET
> options		IPFIREWALL
> options		IPFIREWALL_DEFAULT_TO_ACCEPT
> 
> # /etc/sysctl.conf
> net.link.ether.bridge=1
> net.link.ether.bridge_ipfw=1
> 
> No interface was configured with an IP address on the box at the time.
> The only ipfirewall rule in use was the default_accept. Thanks.
> 
> -- 
> Robert Hough (rch@acidpit.org)
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message