ipfilter/ipfw + bridge + out checking

From: Aristeu Gil Alves Jr (suporte_at_wahtec.com.br)
Date: 04/24/04

  • Next message: Dan Langille: "IPsec - got ESP going, but not AH" 
    To: "Freebsd-Security" <freebsd-security@freebsd.org>
Date: Fri, 23 Apr 2004 20:26:53 -0300

    Hi all.

    I didn't find any thread discussing it, sorry if I am re-posting the same
    subject.
    Is there a way to check the ipfilter/ipfw out-flow with bridge? Is it
    implemented?

    I've heard its not done due a performance issue (it's writen in ipf-howto),
    but performance is not the main goal for me in this single situation. I
    would like to have the stateful firewall and the bridge _fully_ working
    together.

    Best regards,
    --aristeu

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Dan Langille: "IPsec - got ESP going, but not AH"

    Relevant Pages

    • Re: Kernel Development
      ... together (eg. be able to bridge a ng_fec virtual interface.. ... Subject: Kernel Development ... I am looking to get involved in FreeBSD system development and was ... To unsubscribe, ...
      (freebsd-hackers)
    • Re: Why do I bother?
      ... And why would anyone post a lambast on what is a user's group? ... bridge he lives under, I should be more selective about which direction I choose when out and about. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
      (Debian-User)
    • Re: Redirection with a bridge ?
      ... ip nat inside source list 1 interface Ethernet0 overload ... Subject: Redirection with a bridge? ... To unsubscribe, ...
      (freebsd-questions)
    • Bridge Alternative to NetworkManager
      ... Since I cannot get NetworkManager to cooperate, is bridge a viable ... Total Quality Management - A Commitment to Excellence ... To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list ...
      (Fedora)
    • Re: bridge troubles with wi
      ... why just don't use option BRIDGE on the kernel? ... > # kldload ng_bridge ... >> i dont feel comfortable posting a whole dmesg output in the list so i'll ... To unsubscribe, ...
      (freebsd-stable)