Date: Mon, 12 Feb 2001 16:13:50 -0500
From: James Snow
To: freebsd-questions@freebsd.org
Subject: ARP, bridging, and ipfw
Message-ID: <20010212161340.A38417@teardrop.org>

I'm experimenting with using a FreeBSD box as a transparent firewall.
Looking at /etc/rc.firewall, I see:

    # If you're using 'options BRIDGE', uncomment the following line to pass ARP
    #${fwcmd} add 300 pass udp from 0.0.0.0 2054 to 0.0.0.0

I found it curious that I'd had no problems with ARP before adding that
line to the rules I'm using, and that even after adding it as the first
rule in the list, it never matches, even after I flush my local ARP cache
and force some ARP requests.

Are these lines in /etc/rc.firewall deprecated? Do ARP packets get
excepted from the ipfw rules now or something?

Also, what on earth does ARP have to do with UDP sourced from port 2054?

Just curious,
-James