On Sat, Sep 07, 2002 at 01:37:23PM +0600, Meder Kydyraliev wrote: > i am goin to be separating 2 servers from the lan (1 server TCP/IP stuff, 2nd is IPX >Novell server). If i will put OpenBSd 3.1-STABLE firewall between lan and server i >will be able to to regular tcp/ip filtering to my 1st server and what will happen >with IPX traffic to the Novell? will it be passed or dropped? i won't be able to do >any IPX filtering right?
A bridge(4) will forward non-IP packets if blocknonip is not enabled (see brconfig(8)), plain IP forwarding will not forward IPX. Since pf operates on IP level, it won't see IPX traffic, so you won't be able to filter it, except for the MAC level filtering bridge offers. Daniel
