On Sun, Oct 09, 2016 at 02:29:12PM +0200, Eric Huiban wrote:
> Raimo Niskanen wrote:
>
> > I did a bridge configuration according to the FAQ with bridge0 containing
> > athn0, vr1 and vether0. vether0 got the IP address configuration that
> > athn0 had before, dhcpd was reconfigured to serve vr0 and vether0 and that
> > worked just fine. DHCP over athn0 passes through bridge0 and vether0 to
> > dhcpd as well as directly from vr0 to dhcpd.
> >
> > But DHCP over vr1 through bridge0 and vether0 does not work. I had to
> > configure a static address on the access point to get any further.
> >
> > I know that DHCP over vr0 that dhcpd serves directly works, and I know that
> > it works when dhcpd serves athn0 directly, plus it works when dhcpd serves
> > athn0 throught bridge0 and vether0.
>
> did you try to add something like this in your pf.conf for "debug" :
>
> set skip on { lo0, vr1, athn0 }
Thanks for the tip but I think I have figured this out anyway, and other
packets than DHCP packets pass the firewall. Plus vr1 and athn0 are
configured identically (they are both in group 'lan' and neither of them is
mentioned by name; only the group name is used in pf.conf, so there should
not be any difference between them) and DHCP througn athn0 works.
But I will keep the tip in mind for future use.
--
/ Raimo Niskanen, Erlang/OTP, Ericsson AB
