On 12/08/06, Max Laier <[EMAIL PROTECTED]> wrote:
This is because the packets never make it to the IP-Layer (where our packet filters normally hook into). You can try to use if_bridge(4) to bridge tap0 and fxp0. if_bridge(4) offers extensive means of packet filtering described in the man page in great detail.
Ah, thanks, I didn't know that existed (and I've even got the kernel module loaded for some reason). If I'm understanding that manual page correctly, I would put pf rules on 'bridge0', yes? MC _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
