Date: 28 Dec 2005 09:38:45 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Aaron Peterson <lloyd.peterson@gmail.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: pf, pfil hooks and if_bridge Message-ID: <44wthpmglm.fsf@be-well.ilk.org> In-Reply-To: <95550eab0512280613gf48a1fawd054b1b0b2594346@mail.gmail.com> References: <95550eab0512270731v31303cfbw9889f0e311872a5c@mail.gmail.com> <44acelnxnh.fsf@be-well.ilk.org> <95550eab0512280613gf48a1fawd054b1b0b2594346@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Aaron Peterson <lloyd.peterson@gmail.com> writes: > On 28 Dec 2005 08:45:06 -0500, Lowell Gilbert > <freebsd-questions-local@be-well.ilk.org> wrote: > > Aaron Peterson <lloyd.peterson@gmail.com> writes: > > > > > I was reading about the new if_bridge driver, and the ability of any > > > packet filter to interface with it that uses pfil hooks. But I can't > > > seem to find any documentation that says whether pf is such a packet > > > filter? Would someone enlighten me if pf is useable with the new > > > if_bridge driver? > > > > > > $ grep 'pfil\.h' /usr/scratch/ncvs/src/sys/contrib/pf/*/* > > /usr/scratch/ncvs/src/sys/contrib/pf/net/pf_ioctl.c,v:#include <net/pfil.h> > > $ > > > > So, the answer is "yes." > > Thanks, I think it's likely I would not have figured that out on my own :-) That was the condensed version. ;-) I was also checking on the configuration, but it looks like the if_bridge(4) manual page is all you need. I didn't *try* it, however, so I can't guarantee I caught all of the important points.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44wthpmglm.fsf>