Subject: ipfilter and ethernet bridges
To: None <netbsd-users@netbsd.org>
From: Stefan Sonnenberg-Carstens <s.sonnenberg@coolspot.de>
List: netbsd-users
Date: 11/05/2002 10:29:31
This is a multi-part message in MIME format.
------=_NextPart_000_0013_01C284B6.3A2988B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi list,
during the last days I read some stuff regarding ipfilter and the netbsd =
ethernetbridge devices.
Some quotes state, that using this combination is not possible.
I found several points of aquivalence with OpenBSD/pf and bridging.
In the manual for OpenBSD/pf, they state that one has to filter on the =
devices, that build the bridge (for example fxp0 and fxp1 -> bridge0, =
filtering on fxp0 and fxp1).
Isn't that possible on NetBSD and ipfilter, too ?
Any comment is welcome.
Stefan Sonnenberg-Carstens
RHCE & System-/Netzwerkadministrator
---------------------------------------------------------
CoolSpot AG
Am Albertussee 1 D-40549 D=FCsseldorf
Tel +211 50 66 1-0 Fax +211 50 66 1-11
http://www.coolspot.de
- --------------------------------------------------------
Vorstand: Roland Bongartz
Aufsichtsrat:
Dr. jur. Marco Picozzi (Vorsitzender),
Prof. Dr.-Ing. Karl Friedrich Triebold,
Heiko Hubertz
Amtsgericht D=FCsseldorf HRB 37696
------=_NextPart_000_0013_01C284B6.3A2988B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2719.2200" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi list,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>during the last days I read some stuff =
regarding=20
ipfilter and the netbsd ethernetbridge devices.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Some quotes state, that using this =
combination is=20
not possible.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>I found several points of aquivalence =
with=20
OpenBSD/pf and bridging.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>In the manual for OpenBSD/pf, they =
state that one=20
has to filter on the devices, that build the bridge (for example fxp0 =
and fxp1=20
-> bridge0, filtering on fxp0 and fxp1).</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Isn't that possible on NetBSD and =
ipfilter, too=20
?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Any comment is welcome.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Stefan Sonnenberg-Carstens<BR>RHCE =
&=20
System-/Netzwerkadministrator<BR>----------------------------------------=
-----------------<BR>CoolSpot=20
AG<BR>Am Albertussee 1 D-40549 D=FCsseldorf<BR>Tel +211 50 66 1-0 Fax =
+211 50 66=20
1-11<BR><A =
href=3D"http://www.coolspot.de">http://www.coolspot.de</A><BR>-=20
--------------------------------------------------------<BR>Vorstand: =
Roland=20
Bongartz</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Aufsichtsrat:<BR>Dr. jur. Marco Picozzi =
(Vorsitzender),<BR>Prof. Dr.-Ing. Karl Friedrich Triebold,<BR>Heiko=20
Hubertz</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Amtsgericht D=FCsseldorf HRB=20
37696<BR></FONT></DIV></BODY></HTML>
------=_NextPart_000_0013_01C284B6.3A2988B0--