Hello Tim,
On 01/15/10 05:09 PM, Tim Mullen wrote:
Has anyone gotten a transparent firewall working? I'm using snv_125 on an IBM
x346 (snv_130
goes into endless boot loops on this hardware). I can create a working bridge
with dladm, but
can't stop packets, even with "block in quick all". That stops packets on my
management
interface bge0, but not on the bridge. :(
...
Am I missing something here?
The ipfilter functionality works at the IP layer, and the layer-2
bridging function does not send packets up to IP. Bridged packets are
received and transmitted below that. What's missing is filtering at
layer-2, which is a project that was proposed some time ago
(http://hub.opensolaris.org/bin/view/Project+l2filter/) and has since
stagnated for various reasons. The completion of that project is what
is needed.
-Seb
_______________________________________________
opensolaris-discuss mailing list
[email protected]
