From owner-freebsd-net Mon Mar 26 8:46: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184]) by hub.freebsd.org (Postfix) with ESMTP id 2988437B71B for ; Mon, 26 Mar 2001 08:45:56 -0800 (PST) (envelope-from luigi@info.iet.unipi.it) Received: (from luigi@localhost) by info.iet.unipi.it (8.9.3/8.9.3) id SAA71441; Mon, 26 Mar 2001 18:45:34 +0200 (CEST) (envelope-from luigi) From: Luigi Rizzo Message-Id: <200103261645.SAA71441@info.iet.unipi.it> Subject: Re: netgraph ng_bridge and ipfilter In-Reply-To: <000901c0b612$cac1f7f0$8a02a8c0@ntpc> from Peter Blok at "Mar 26, 2001 06:35:35 pm" To: Peter.Blok@inter.NL.net Date: Mon, 26 Mar 2001 18:45:33 +0200 (CEST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Charset iso-8859-1 unsupported, filtering to ASCII...] > Hi, > > Another question. I saw a posting a while ago, ipfilter doesn't work > completely when a bridge is created with netgraph. I want to create a > transparent firewall without NAT. I know OpenBSD has a bridge that works, > but OpenBSD doesn't have netgraph. > > Is this still the case with 4.3-RC the above description is a bit confused -- do you need netgraph for some reason, or what ? In any case, in 4.3, native bridging now works with ipfw to build transparent firewalls (without nat). Don't know if you can do the same with netgraph, i am sure you will get some reply from the authors cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone (510) 666 2927 . ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message