Thank you for your help in understanding. I want to configure a NAT between int_if and ext_if and filter based on MAC address.
I was going to proceed as follows, but after reading bridge(4) man page I understand that the following won't work. If the bridge0 has only one member, int_if, it will never accept the packets but broadcast, in this case it will not tag them either. Is it correct and how to proceed in that case ? I would like to tag packets based on their MAC address. re0 : int_if sis0 : ext_if nat on ext_if from int_if -> ext_if int_if member of bridge0 brconfig bridge0 rule pass in on re0 src 1:2:3:4:5:6 tag allowed Regards.
