ipfw broken with bridge under 5.x (5.3 and 5.4)
Jose M Rodriguez
josemi at freebsd.jazztel.es
Wed May 4 08:16:29 PDT 2005
El Miércoles, 4 de Mayo de 2005 16:47, Jose M Rodriguez escribió:
> El Miércoles, 4 de Mayo de 2005 16:24, Josef Karthauser escribió:
> > It appear that ipfw doesn't work with bridge in 5.3 and 5.4. The
> > symptoms are that the bridge stops forwarding packets altogether,
> > for me a few minutes after it is set up. It takes a
> >
> > # net.link.ether.bridge_ipfw=0 && sleep 5 &&
> > net.link.ether.bridge_ipfw=1
> >
> > to get it back up and running, which it does, but only for a few
> > minutes before it stops working again. The five second sleep is
> > sometimes too long, and sometimes not enough time.
> >
> > Would someone in the know be able to help me to trouble shoot it?
> > (I'm scared of ipfw! :).
> >
> > Thanks!
> > Joe
>
> Are your rules stopping arp or so? Remember make pass this kind of
> traffic at layer2.
>
sorry, forgot the rule. Try something like this at the beginning of
your ruleset:
pass not ip from any to any layer2
--
josemi
More information about the freebsd-net
mailing list