Subject: Re: bridged interfaces? (for ipfilter)
To: Michael Graff <explorer@flame.org>
From: Stefan Grefen <grefen@hprc.tandem.com>
List: tech-net
Date: 09/08/1998 10:13:28
In message <v6g1e3v3g2.fsf@kechara.lh.vix.com>  Michael Graff wrote:
> D.Thomas@vthrc.uq.edu.au (Danny Thomas) writes:
> 
> > I asked Darren about whether it could be run in a bridge configuration and
> > he didn't think so. Is there an easy way to do this or has BSD networking
> > been focussed more on routing interfaces?

Hmm, man 5 ipf says there is the "to" keyword, which allows you to switch
packets directly to an interface, bypassing the routing code.
(this -current)

This should do the trick for IP-based protocols. 

> 
> Most Unix networking has been on routing, not bridging.  I think I know
> what would be needed to do real bridging, but I don't think you would
> gain anything with the IP filtering code in there, without making it
> far more generic and putting the accept or deny hook at a much, much
> lower level.
> 
> I _could_ imagine a BPF-based bridge, which might be what that drawbridge
> thing really is; I've not looked at it.

That could be used to transfer the non-IP protocols you can't filter with
ipf anyway.

> 
> --Michael

Stefan

--
Stefan Grefen                                Tandem Computers Europe Inc.
grefen@hprc.tandem.com                       High Performance Research Center
 --- Hacking's just another word for nothing left to kludge. ---