Subject: Re: Change to bridging? (was Re: IPF and ssh
To: NetBSD current-users mailing list <current-users@netbsd.org>
From: Julian Coleman <jdc@coris.org.uk>
List: current-users
Date: 11/18/2003 10:43:27
>  I too dropped an ACK on an unexpected interface.  It started as soon as I
> enabled bridging, which I haven't done for months.  I couldn't get anything to
> work, with or without ipf, until I moved my bridge onto some new interfaces and
> took my firewall's management interface (the only interface with an IP) out of
> the bridge.  I don't recall a restriction like this before.  Did something
> change within the last few months?

When I was looking at the bridge + ipf code, I noticed that all packets for
my IP address passed through ipf on the interface which had the IP address
assigned, not on the interface where the packet arrived on the wire.  I.e.,

  bridged interfaces (+ipf)
    le0  81.2.110.41
    qe0
    qe1

A packet destined for 82.1.110.41 arriving on the wire via qe0 or qe1 would
show up in ipf as arriving on le0.  Is this what you mean?  I'd assumed that
it was meant to work this way.  Was it different at some point in the past?
(I didn't change this behaviour.)

J

-- 
                    My other computer also runs NetBSD
                          http://www.netbsd.org/