Hi all,

I inserted an OpenBSD box between my PC and ADSL modem;
that box is running PF in bridge mode and blocks all IP
traffic. But my PC always successfully connects to the
Internet via PPPoE dialing, and I could see this via
tcpdump on the OpenBSD box (see below).

PC<----->OBSD Bridge<---->ADSL modem<---->Internet

OBSD Bridge itself has nothing to do with PPPoE, i.e.
not a PPPoE client or server, just a bridge.

My question is how to block PPPoE sessions on a PF
bridge while passing all IP traffic?
How about brconfig?
How about bpf blocking as we could see it via tcpdump?

TIA

frank
========
# cat /etc/bridgename.bridge1
add rl0
add rl1
up

# pfctl -sr
scrub in all fragment reassemble
block drop in inet all

# brconfig
bridge1: flags=41<UP,RUNNING>
        Configuration:
                priority 32768 hellotime 2 fwddelay 15 maxage 20
        Interfaces:
                rl1 flags=3<LEARNING,DISCOVER>
                        port 2 ifpriority 128 ifcost 55
                rl0 flags=3<LEARNING,DISCOVER>
                        port 1 ifpriority 128 ifcost 55
        Addresses (max cache: 100, timeout: 240):
                00:33:ba:14:a4:5f rl0 0 flags=0<>
                00:33:a0:16:5d:ba rl0 0 flags=0<>

# tcpdump -n -i bridge1
or
# tcpdump -n -i rl1
20:57:59.911487 PPPoE-Session
        code Session, version 1, type 1, id 0x12c0, length 42
        IP: 34.45.55.66.4080 > 81.175.13.140.80: . ack 21838 win 17640 (DF)
20:57:59.911534 PPPoE-Session
        code Session, version 1, type 1, id 0x12c0, length 1482
        IP: 81.175.13.140.80 > 34.45.55.66.4082: . 4558:5998(1440) ack 269 win 33580 (DF)
20:57:59.911577 PPPoE-Session
        code Session, version 1, type 1, id 0x12c0, length 42
        IP: 34.45.55.66.4082 > 81.175.13.140.80: . ack 4558 win 17640 (DF)
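
An added example, not part of the original post: a small parser showing what the frames in the capture above look like at layer 2. They carry EtherType 0x8864 (PPPoE Session) rather than 0x0800, so the IPv4 packet sits inside a PPP payload and the frame itself is not an IPv4 frame for an `inet` rule to match. The function names are hypothetical, the sample frame is constructed from the first tcpdump record (checksums zeroed, MAC addresses borrowed from the brconfig output as filler), and an uncompressed 2-byte PPP protocol field is assumed.

```python
import struct

ETH_IPV4, ETH_PPPOE_DISC, ETH_PPPOE_SESS = 0x0800, 0x8863, 0x8864
PPP_IPV4 = 0x0021  # PPP protocol number for IPv4 (uncompressed field assumed)

def classify(frame: bytes) -> dict:
    """Decode the Ethernet II header and, for PPPoE Session frames, the PPPoE header."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"ethertype": ethertype,
            "is_ipv4_frame": ethertype == ETH_IPV4,  # what an IPv4-only rule keys on
            "inner_ipv4": None}
    if ethertype == ETH_PPPOE_SESS:
        if len(frame) < 22:
            raise ValueError("truncated PPPoE/PPP header")
        # 6-byte PPPoE header followed by the 2-byte PPP protocol field
        vt, code, sid, length, proto = struct.unpack("!BBHHH", frame[14:22])
        info.update(version=vt >> 4, type=vt & 0x0F, code=code,
                    session_id=sid, length=length)
        if proto == PPP_IPV4:
            # 'length' covers the PPP protocol field plus the IP packet
            info["inner_ipv4"] = frame[22:20 + length]
    return info

def sample_frame() -> bytes:
    """Constructed frame modelled on the first tcpdump record (not captured data)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0x4000, 64, 6, 0,
                     bytes([34, 45, 55, 66]), bytes([81, 175, 13, 140]))
    tcp = struct.pack("!HHIIBBHHH", 4080, 80, 0, 21838, 0x50, 0x10, 17640, 0, 0)
    ppp = struct.pack("!H", PPP_IPV4) + ip + tcp
    pppoe = struct.pack("!BBHH", 0x11, 0x00, 0x12C0, len(ppp)) + ppp
    macs = bytes.fromhex("0033ba14a45f") + bytes.fromhex("0033a0165dba")
    return macs + struct.pack("!H", ETH_PPPOE_SESS) + pppoe

if __name__ == "__main__":
    r = classify(sample_frame())
    print(f"ethertype=0x{r['ethertype']:04x} is_ipv4_frame={r['is_ipv4_frame']} "
          f"id=0x{r['session_id']:04x} length={r['length']}")
```

The decoded length of 42 matches the capture: 2 bytes of PPP protocol field plus a 40-byte IP/TCP ACK.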


       