Bug 23771

Summary:

bridge/firewall doesn't work as in bridge(4)

Product:

Base System

Reporter:

Joost Bekkers <joost>

Component:

kern

Assignee:

Luigi Rizzo <luigi>

Status:

Closed FIXED

Severity:

Affects Only Me

Priority:

Normal

Version:

4.2-RELEASE

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
file.diff	none
file.diff	none

Description Joost Bekkers 2000-12-22 19:50:01 UTC

	When using a kernel with BRIDGE and IPFIREWALL and not
	IPFIREWALL_DEFAULT_TO_ACCEPT, bridge(4) states all non-ip
	packets will not be forwarded. This is not true! All non-ip
	packets will be forwarded regardless of the firewall.

Fix: I've added some options to make the bridge/firewall combo usefull.

# $FreeBSD: src/sys/conf/options,v 1.191.2.20 2000/11/16 17:28:30 archie Exp $
* $FreeBSD: src/sys/net/bridge.c,v 1.16.2.6 2000/09/25 17:30:01 nsayer Exp $
How-To-Repeat: 
	make a kernel with BRIDGE and IPFIREWALL. generate non-ip
	(like arp or ipx) traffic and notice how it passes through
	the bridge.

Comment 1 Luigi Rizzo freebsd_committer

2002-09-22 20:37:10 UTC

Responsible Changed
From-To: freebsd-bugs->luigi

i will handle this

Comment 2 Luigi Rizzo freebsd_committer

2002-11-18 22:12:57 UTC

State Changed
From-To: open->closed

PR is not relevant anymore, the code has been rewritten and the 
problem fixed.