From owner-freebsd-questions  Mon Jun 11 13:18:20 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from shell.threeh.com (ip209-183-79-19.ts.indy.net [209.183.79.19])
	by hub.freebsd.org (Postfix) with ESMTP id 27BB637B405
	for <questions@freebsd.org>; Mon, 11 Jun 2001 13:18:16 -0700 (PDT)
	(envelope-from rlucas@threeh.com)
Received: from localhost (rlucas@localhost)
	by shell.threeh.com (8.11.3/8.11.3) with ESMTP id f5BKI5b24085
	for <questions@freebsd.org>; Mon, 11 Jun 2001 15:18:07 -0500 (EST)
	(envelope-from rlucas@threeh.com)
X-Authentication-Warning: shell.threeh.com: rlucas owned process doing -bs
Date: Mon, 11 Jun 2001 15:18:05 -0500 (EST)
From: Richard Lucas <rlucas@threeh.com>
X-X-Sender:  <rlucas@localhost>
To: <questions@freebsd.org>
Subject: IPFilter not blocking?
Message-ID: <20010611151353.E24079-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I've setup a bridging firewall by adding the following to my kernel:

options	BRIDGE
options	IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK

I also put in net.link.ether.bridge=1 in my sysctl.conf file. The problem
I'm having is it isn't blocking anything. I even tried taking out my
ruleset and just using block in all and that still doesn't block anything.
The bridging works fine but it doesn't block any packets at all. Anyone
have any ideas what the problem might be?


-Richard


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message