Re: Host address zero vs bridge, carp and nat
- In reply to: Tomek CEDRO : "Re: Host address zero vs bridge, carp and nat"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 24 Apr 2023 12:38:29 UTC
Hi, > On 24 Apr 2023, at 03:15, Tomek CEDRO <tomek@cedro.info> wrote: > > On Mon, Apr 24, 2023 at 12:00 AM Bob Bishop wrote: >> (..) >> doesn’t pass traffic through the bridge. The NAT is in-kernel via ipfw and there are firewall rules in play but they do not seem to be a factor. > > Have you tried sysctl ? > net.link.bridge.ipfw=0 > net.link.bridge.pfil_bridge=0 > net.link.bridge.pfil_member=0 Interesting. Setting net.link.bridge.pfil_member=0 seems to fix it with no other change. So looks like it’s a libalias/pfil thing with the zero host address. Need net.link.bridge.pfil_bridge=1 for ipfw to work at all. net.link.bridge.ipfw=0. > -- > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info > -- Bob Bishop rb@gid.co.uk