Date: Tue, 22 Oct 2002 11:27:47 -0700 From: Luigi Rizzo <rizzo@icir.org> To: CHOI Junho <cjh@kr.FreeBSD.org> Cc: freebsd-net@FreeBSD.ORG, cjh@FreeBSD.ORG Subject: Re: bridge + ipfw fwd? Message-ID: <20021022112747.B33933@carp.icir.org> In-Reply-To: <20021022.183626.122873841.cjh@kr.FreeBSD.org>; from cjh@kr.FreeBSD.org on Tue, Oct 22, 2002 at 06:36:26PM %2B0900 References: <20021022.183626.122873841.cjh@kr.FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
layer-2 forwaed is not supported, and the reason is that forwarding
occurs at a different layer.
One way to implement this feature is the following:
+ in bdg_forward(), when a packet matches a "forward" action,
somehow mark the packet as having a local destination
(e.g. overwrite the MAC DST address) and pass it to
ether_input
this requires a bit of care to avoid loops, i think.
cheers
luigi
On Tue, Oct 22, 2002 at 06:36:26PM +0900, CHOI Junho wrote:
>
> Hi,
>
> I found packet forwarding by 'ipfw fwd' doesn't work for bridged
> configuration - linking 2 ethernet cards. I use bridged firewall for
> our office network, I tried to configure transparent proxy in the
> level of firewall.
>
> I looked the code contains bdg_forward() in sys/, but I found only it
> is not implemented at least in 4.7. Is there any patches for
> implementing it or still it is to-do features? Or do we have a
> reason why bridge+ipfw fwd is impossible?
>
> p.s. Please keep me on Cc:.
>
> --
> CHOI Junho <http://www.kr.FreeBSD.org/~cjh>; <cjh at kr.FreeBSD.org>
> FreeBSD Project <cjh at FreeBSD.org> Web Data Bank <cjh at wdb.co.kr>
> Key fingerprint = 1369 7374 A45F F41A F3C0 07E3 4A01 C020 E602 60F5
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021022112747.B33933>