Date: Wed, 27 Sep 2000 10:12:49 -0500
From: afleming@fhsu.edu
To: freebsd-questions@FreeBSD.ORG
Subject: IPFW, Bridging, and IPX
Message-ID: <OFD1EAFB26.6610ACB8-ON86256967.00521208@fhsu.edu>

I have a FreeBSD 4.1 that I am setting up as a Filtering Bridge. I have
added the following to my kernel and rebuilt it.

options BRIDGE
options IPFIREWALL
options IPFIREWALL_VERBOSE

I have the bridge working correctly. Currently I have the firewall rules
set to open, so any IP traffic goes through. This is working so far, but
it was my understanding that a FreeBSD Bridge would only Bridge IP, but
when I put a sniffer on the inside of the bridge, I keep seeing IPX
broadcasts (as well as AppleTalk broadcasts).

Has the bridge code recently changed? Is there a way I can block
everything but IP and ARP traffic? I know ARP's Ethernet protocol number
is 2054. Can I use the special UDP rule to block IPX and Apple based on
its protocol number?

I know I could subnet the address space and route it, but subnetting a /24
network just because I need to put 4 machines behind a firewall is not
worth the trouble. I can't use NAT because I have to use routable IPs in
these machines, so the best solution I found so far is a filtering bridge.

Thanks for any help anyone can provide.

Andrew Fleming
Fort Hays State University Computing Center
Phone: (785) 628-4433
E-mail: afleming@fhsu.edu
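
The allow-list the message asks for (pass IP and ARP, drop everything else), as an added example that is not part of the original e-mail and is not ipfw or FreeBSD bridge code: a Python classifier showing that IPX and AppleTalk can arrive in 802.3 raw, 802.2 LLC and SNAP framing, where bytes 12-13 hold a length rather than an EtherType. The EtherType, LLC and SNAP constants are the standard values; the sample frames, the function names and the choice to pass IP/ARP carried in SNAP are assumptions made for the illustration.

```python
import struct

# Allow-list from the message: IP and ARP (ARP is 2054 == 0x0806).
ALLOWED = {0x0800: "IPv4", 0x0806: "ARP"}

def classify(frame: bytes):
    """Return (verdict, reason) for one raw, untagged Ethernet frame."""
    if len(frame) < 14:
        return ("drop", "runt frame")
    (field,) = struct.unpack("!H", frame[12:14])
    if field >= 0x0600:  # Ethernet II: the field is an EtherType
        if field in ALLOWED:
            return ("pass", ALLOWED[field])
        return ("drop", "EtherType 0x%04x" % field)
    # Below 0x0600 the field is an 802.3 length, so the protocol has to be
    # read from the start of the payload instead.
    llc = frame[14:17]
    if len(llc) < 3:
        return ("drop", "802.3 frame too short for LLC")
    if llc[:2] == b"\xff\xff":  # Novell raw 802.3: IPX header, no LLC
        return ("drop", "802.3 raw IPX")
    if llc == b"\xaa\xaa\x03" and len(frame) >= 22:  # LLC/SNAP
        oui = frame[17:20]
        (ptype,) = struct.unpack("!H", frame[20:22])
        if oui == b"\x00\x00\x00" and ptype in ALLOWED:
            return ("pass", ALLOWED[ptype] + " over SNAP")  # assumption: allow
        return ("drop", "SNAP OUI %s type 0x%04x" % (oui.hex(), ptype))
    return ("drop", "802.2 LLC DSAP 0x%02x" % llc[0])

def build(field, payload):
    """Constructed sample frame: broadcast destination, made-up source."""
    src = b"\x02\x00\x00\x00\x00\x01"
    return b"\xff" * 6 + src + struct.pack("!H", field) + payload

SAMPLES = {  # all constructed, not captured traffic
    "ipv4": build(0x0800, b"\x45" + bytes(19)),
    "arp": build(0x0806, bytes(28)),
    "ipx_ethernet_ii": build(0x8137, b"\xff\xff" + bytes(28)),
    "ipx_raw_802_3": build(30, b"\xff\xff" + bytes(28)),
    "ipx_802_2": build(33, b"\xe0\xe0\x03\xff\xff" + bytes(28)),
    "appletalk_snap": build(21, b"\xaa\xaa\x03\x08\x00\x07\x80\x9b" + bytes(13)),
}

def verdicts():
    return {name: classify(raw) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, (verdict, reason) in verdicts().items():
        print("%-16s %-4s %s" % (name, verdict, reason))
```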
