From owner-freebsd-ipfw@FreeBSD.ORG Fri Dec 5 06:26:35 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFE8516A4CE for ; Fri, 5 Dec 2003 06:26:35 -0800 (PST) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0023D43FBD for ; Fri, 5 Dec 2003 06:26:33 -0800 (PST) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2657.72) id ; Fri, 5 Dec 2003 09:26:32 -0500 Message-ID: From: Don Bowman To: 'Ganbold' , freebsd-ipfw@freebsd.org Date: Fri, 5 Dec 2003 09:26:27 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain; charset="iso-8859-1" Subject: RE: bridged ipfw problem in FreeBSD 5.2beta X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Dec 2003 14:26:35 -0000 From: Ganbold [mailto:ganbold@micom.mng.net] ... bridging firewall ... ># Allowing connections through localhost. >${fwcmd} add 300 pass all from any to any via lo0 ># pass ARP >${fwcmd} add 301 pass udp from 0.0.0.0 2054 to 0.0.0.0 the comment at least is not right, arp is not udp. maybe something like "add 301 allow layer2 mac-type arp" instead? --don