Filtering Bridge Traffic on layer IP
- From: antonio.tommasi@xxxxxxxx
- Date: Sat, 27 Jan 2007 17:20:49 +0100 (CET)
Hi to all,
i've configured a freebsd box bridge. This machine have 2 ethernet card
and i configure them with one ip address. I also configure firewalling
with ipfw on this box.
Is there a possibility to filter bridged traffic with ipfw on layer IP?
I need to allow some machine with some ip to access to internet and the
other not.
I cannot implemet nat-firewalling because i need to not change actual ip
configuration on my lan.
Have you any suggestion?
Thanks in advance
Antonio
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Filtering Bridge Traffic on layer IP
- From: Luigi Rizzo
- Re: Filtering Bridge Traffic on layer IP
- Prev by Date: Re[4]: reproducible watchdog timeout in bge
- Next by Date: Re: Filtering Bridge Traffic on layer IP
- Previous by thread: ng_pptpgre problems: tcp connections reset unexpectedly
- Next by thread: Re: Filtering Bridge Traffic on layer IP
- Index(es):
Relevant Pages
- Re: ARP Question - Maybe?
... I have configured the bridge and ... > I'm not really sure but I suspect
my problem might be with ARP? ... > the web based configuration utility. ...
> setup ipfw to log all traffic to that interface and can see the traffic ... (freebsd-questions) - Re: Filtering Bridge Traffic on layer IP
... i've configured a freebsd box bridge. ... I also configure firewalling
... Is there a possibility to filter bridged traffic with ipfw on layer IP? ...
configuration on my lan. ... (freebsd-net) - stealth firewall problem
... somethimes i get the "kernel panic" message with some errors on the bridge kernel module.
... the klogd jumped to 99% of cpu and my machine freozed many times. ... here is
the kernel config part where i set the networking support: ... # IP: Virtual Server
Configuration ... (Linux-Kernel) - 5.4 -- bridging, ipfw, dot1q
... I'm setting up a bridging firewall where the packets are passing through ...
assume the bridge at least sees the packets). ... My only guess is that ipfw doesn't
have the brains to look beyond the VLAN ... or because of the dot1q headers. ...
(freebsd-hackers) - ipfw with NAT and ARP
... ipfw add divert natd all from any to any via xl1 ... When testing "ping" from
external to external IP-Adress of my firewall, ... After restarting system with above configuration
of icmp-protocol no ... "ipfw add allow all from any to any" ping-request get an answer.
... (freebsd-questions)
