ipfilter/ipfw + bridge + out checking
From: Aristeu Gil Alves Jr (suporte_at_wahtec.com.br)
Date: 04/27/04
To: "Freebsd-Stable" <freebsd-stable@freebsd.org>
Date: Mon, 26 Apr 2004 20:43:39 -0300
Hi all.
I didn't find any thread discussing it, sorry if I am re-posting the same
subject.
Is there a way to check the ipfilter/ipfw out-flow with bridge? Is it
implemented already?
The case illustrated in most howtos is shown with only two NICs
   NET-1
    ||
___________
|bridge-fw|
-----------
    ||
   NET-2
It's important for us to use a bridge-fw with three NICs.
   NET-1
    ||
___________
|bridge-fw|== NET-3
-----------
    ||
   NET-2
Without the out packet controlling, a solution with three or more NICs could
lead to an information leak problem. I've heard this checking is not done
due to a performance issue (it's written in ipf-howto), but performance is not
the main goal in this particular situation. I would like to have the
stateful firewall and the bridge _fully_ working together.
If there's anything I can do to contribute, I'll be happy to help.
[]'s
--aristeu
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"