From owner-freebsd-questions  Mon Jun 11 21: 6:37 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mta4.srv.hcvlny.cv.net (mta4.srv.hcvlny.cv.net [167.206.5.10])
	by hub.freebsd.org (Postfix) with ESMTP id 6EB5837B401
	for <questions@FreeBSD.ORG>; Mon, 11 Jun 2001 21:06:32 -0700 (PDT)
	(envelope-from trini0@optonline.net)
Received: from optonline.net (ool-18be012f.dyn.optonline.net [24.190.1.47])
 by mta4.srv.hcvlny.cv.net
 (iPlanet Messaging Server 5.0 Patch 2 (built Dec 14 2000))
 with ESMTP id <0GES005MPU2UCF@mta4.srv.hcvlny.cv.net> for
 questions@FreeBSD.ORG; Tue, 12 Jun 2001 00:06:30 -0400 (EDT)
Date: Tue, 12 Jun 2001 00:06:30 -0400
From: Gerard Samuel <trini0@optonline.net>
Subject: Re: IPFilter not blocking?
To: Richard Lucas <rlucas@threeh.com>
Cc: FreeBSD Questions <questions@FreeBSD.ORG>
Message-id: <3B259546.4700A942@optonline.net>
MIME-version: 1.0
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7BIT
X-Accept-Language: en
References: <20010611151353.E24079-100000@localhost>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

IPFilter doesnt bridge on FreeBSD, so I dont know if your plan would work.
As far as I know, only IPFIREWALL bridges...

Richard Lucas wrote:

> I've setup a bridging firewall by adding the following to my kernel:
>
> options BRIDGE
> options IPFILTER
> options IPFILTER_LOG
> options IPFILTER_DEFAULT_BLOCK
>
> I also put in net.link.ether.bridge=1 in my sysctl.conf file. The problem
> I'm having is it isn't blocking anything. I even tried taking out my
> ruleset and just using block in all and that still doesn't block anything.
> The bridging works fine but it doesn't block any packets at all. Anyone
> have any ideas what the problem might be?
>
> -Richard
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message