$ sudo brconfig bridge0 down
$ sudo tcpdump -netttvvv -i pflog0
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0
Feb 18 09:51:51.949840 rule 2/0(match): pass in on le0: 192.168.1.9 > 192.168.1.1: icmp: echo request (id:19bc seq:0) (ttl 64, id 30421)
Feb 18 09:51:51.950030 rule 4/0(match): pass out on le0: 192.168.1.1 > 192.168.1.9: icmp: echo reply (id:19bc seq:0) (ttl 255, id 25154)
$ sudo brconfig bridge0 up
$ sudo tcpdump -netttvvv -i pflog0
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0
Feb 18 09:52:29.459668 rule 3/0(match): pass in on le2: 192.168.1.9 > 192.168.1.1: icmp: echo request (id:19bd seq:0) (ttl 64, id 30487)
Feb 18 09:52:29.459838 rule 4/0(match): pass out on le0: 192.168.1.1 > 192.168.1.9: icmp: echo reply (id:19bd seq:0) (ttl 255, id 21188)
Where:
@2 pass in log-all quick on le0 all
@3 pass in log-all quick on le2 all
@4 pass out log-all quick on le0 all

So, back to my earlier questions: is this a bug in bridge? Whether it is or is not, is this behavior determinate -- that is, with the bridge up:
inbound traffic from le0 to le2, and vice versa, always matches rules for the correct interfaces
inbound traffic from le0 AND le2 to the router always appears to match rules for le2
outbound traffic from the router to le0 AND le2 always appears to match rules for le0
Why? Can I depend on this to always be the case? How do I know which interface it will pick for the 'outbound,' and which it will pick for the 'inbound'? Is that a function of which interface has the IP assigned? Is it a function of the order in which they were added to the bridge? Is it a function of boot-time discovery order? Interface number? Etc.?
Thanks, Jim
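
Added example, not part of the original post: one way to check over a longer capture whether the interface pf logs for a given flow stays the same. It parses the pflog lines shown above (the four log lines are copied from the post), reports flows whose logged interface differs between the bridge-down and bridge-up captures, and reports flows logged on more than one interface within one capture. The function names are hypothetical, and the regular expression assumes IPv4 lines of the shape shown in the post.

```python
import re
from collections import defaultdict

# Shape of the pflog lines in the post (assumed stable for IPv4 traffic):
#   "... rule 3/0(match): pass in on le2: 192.168.1.9 > 192.168.1.1: icmp: ..."
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?:pass|block) "
    r"(?P<dir>in|out) on (?P<ifname>\w+): (?P<src>\S+) > (?P<dst>[^:\s]+):"
)

# The four log lines from the post: bridge0 down, then bridge0 up.
BRIDGE_DOWN = """\
Feb 18 09:51:51.949840 rule 2/0(match): pass in on le0: 192.168.1.9 > 192.168.1.1: icmp: echo request (id:19bc seq:0) (ttl 64, id 30421)
Feb 18 09:51:51.950030 rule 4/0(match): pass out on le0: 192.168.1.1 > 192.168.1.9: icmp: echo reply (id:19bc seq:0) (ttl 255, id 25154)
"""
BRIDGE_UP = """\
Feb 18 09:52:29.459668 rule 3/0(match): pass in on le2: 192.168.1.9 > 192.168.1.1: icmp: echo request (id:19bd seq:0) (ttl 64, id 30487)
Feb 18 09:52:29.459838 rule 4/0(match): pass out on le0: 192.168.1.1 > 192.168.1.9: icmp: echo reply (id:19bd seq:0) (ttl 255, id 21188)
"""

def interfaces_by_flow(capture):
    """Map (direction, src, dst) -> set of (interface, rule number) logged."""
    flows = defaultdict(set)
    for line in capture.splitlines():
        m = PFLOG_RE.search(line)
        if m:  # skip tcpdump banners and anything that is not a pflog match
            flows[(m["dir"], m["src"], m["dst"])].add((m["ifname"], int(m["rule"])))
    return dict(flows)

def unstable_flows(capture):
    """Flows logged on more than one interface within a single capture."""
    return {flow: hits for flow, hits in interfaces_by_flow(capture).items()
            if len({ifname for ifname, _ in hits}) > 1}

def changed_flows(before, after):
    """Flows present in both captures whose logged interface set differs."""
    a, b = interfaces_by_flow(before), interfaces_by_flow(after)
    changed = {}
    for flow in a.keys() & b.keys():
        if_a = {ifname for ifname, _ in a[flow]}
        if_b = {ifname for ifname, _ in b[flow]}
        if if_a != if_b:
            changed[flow] = (sorted(if_a), sorted(if_b))
    return changed

if __name__ == "__main__":
    for flow, (down, up) in changed_flows(BRIDGE_DOWN, BRIDGE_UP).items():
        print(flow, "bridge down:", down, "bridge up:", up)
    print("unstable with bridge up:", unstable_flows(BRIDGE_UP))
```

Feeding it a capture taken across reboots or after re-adding bridge members in a different order would show whether the choice of logged interface moves.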
