Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 27 May 2014 21:30:42 -0400
From:      Christopher Hilton <chris@vindaloo.com>
To:        Jim Pazarena <fquest@paz.bz>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: transparent bridge ~ firewall
Message-ID:  <7AE311B2-271B-4600-9DBC-4EC53F970EC0@vindaloo.com>
In-Reply-To: <537ADD0E.5020803@paz.bz>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
On May 20, 2014, at 12:41 AM, Jim Pazarena <fquest@paz.bz> wrote:

> Is it possible to configure fbsd so that it passes traffic thru two
> nics "transparently", (with a third nic installed as the management IP)?
> 
> So that firewall rules can be applied between those two transparent
> nics? Don't want NAT, don't want routing. Just firewall "allow", "drop",
> or re-direct.
> 
> I purchased a device which uses debian to do this. I would like to
> see if I can duplicate the functions on FreeBSD, my OS of choice.
> 


FreeBSD may be able to do this by building a bridge device between two interfaces and then using pf on the individual interfaces. I'm not 100% on the capabilities of FreeBSD's bridge devices. I do this on OpenBSD and it works very well. 

-- Chris


[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJThTxDAAoJEE2ar4QHIpj4B0gQAKhpOOp1cJR8sk1RgDvLI/tW
O3NAwlaTfdB1+C2uy8OUIeDPMAFO2ZwoaQKKZUTVQsHyGfF4JcQzIFdknlwnFv7v
iCU6wFAGbkwX7N6ernz52hT3stnawgansga2anoXgp2zXUzTntJbQm4p1Jd0KxHO
U26yfkpy07QYo8PF5HI1khteWhaA3GzzhQ9UeWQpP5XmvGfOg5YDjqccZ8Ye6w3H
Fv139BivpAvMR9YrmrriDw8XhoQTmode6MTypR40MuCYnfjNjpe8MkrzbyH5N4ub
dIS4XlBh46iOHe5nHtSWKFByIcMN37fA4RmYIOjMd4wMNqNSXgYgSrShDBfui+W1
bgOAJYKVJ8dC0BQ3FOcyx83E4pJtj+aXBjq8w+fz6ypVqLXnD+gYxTJkXLHwaFvL
n9nSjMVA+4m/TcP9YbHJpuBpf5Po+LG6yQIeCyJXq5+nQzOjwn12nBm6/+quH+t/
rm/wRoVUBiHhQRFkr1uhGR0anGxLGbjQ1g6aSz6uzVlIis2tQMbukJADAWV2uUSt
ojkRGzUyWZKkfV8TZNaQ++uAvaPEHRojQXFQrQPr4EUhPl4nz6v5XzN6X5kvsx8y
6rFUroSI5ZhyxCetVMvGjCWLjlRuAHixp+oKPkfBR8i0S0Ns98zwmYIrLq/mn4E5
p9YBByRozxC2n4ZMfQtc
=QaU2
-----END PGP SIGNATURE-----
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7AE311B2-271B-4600-9DBC-4EC53F970EC0>