On 9/11/25 10:47, Ronald Klop wrote:
Hi,
I can do:
sysctl net.link.bridge.pfil_member=1
ipfw add 150 deny ip from any to any via epair4a
And than my jail which uses epair4b does not get any traffic anymore.
I don't have any other bridge settings apart from:
net.link.bridge.member_ifaddrs=0 (so no IP address on the bridge members)
This is running on 16-CURRENT which is of course still similar to 15
nowadays.
Does this help?
Thanks for your answer.
I'll have to check.
Currently I'm on 14.3, where everything still works with an IP on the
member interface (vlan1).
I'm testing moving the IP on the bridge in preparation for 15.
On 14, I didn't try "deny" as you suggest, but "allow" (via with the
member interface) does not work.
It's possible 15 is different.
I guess I'll need to put up a VM and make some tests.
bye & Thanks
av.
