hey there, -I messed with this a lot in 3.0 when it came out and think I
was the first person to ask Dan about it when testing was going on for
3.0 snapshot. I mean, I lived to wake up and make bridges with pf.
-but, alas, that was years ago, and from my hazy memory all I used to do
was this:
edit /etc/sysctl.conf and enable ipv4 packet forwarding;
then do:
    ifconfig rl0 delete
    echo 'up' > /etc/hostname.rl0
    ifconfig vr0 delete
    echo 'up' > /etc/hostname.vr0
    echo 'add rl0 add vr0 up' > /etc/bridgename.bridge0
reboot, voila.
-I see ifconfig shows:
bridge0: flags=41 <UP,RUNNING>
-And brconfig bridge0 shows the bridge0 interface along with vr0 and rl0 interfaces
in <LEARNING,DISCOVER> mode.
I disable pfctl just to test bridge packet flow, and then plug it in
between my router and my lan, I can't seem to get any packet flow.
I have switched between cable types (crossover/standard)
-is there a command I can use to check if these cards are working in
promiscuous mode?
---what's the obvious thing I missed here? anything different in 4.1?
I need a transparent bridge something fierce, and have even tested this
on both my DHCP network and my t-1 to no avail, so I feel it's not the
devices on either side of the bridge, -something basic is not
functioning. Right now I am trying to firewall between a cisco t-1
router and my machines downstairs in the rack, which uses an older
switch for all the servers to connect with up here. Without the bridge,
it all works fine to/from the net. With it, no dice. -any advice from
my fine feathered friends on misc or is this more the dedicated purview
of the pf list (even tho I still feel like this is stuck at brconfig
phase)? I have basic pass in on rl0 all, pass out on rl0 all and pass
in on vr0 all, pass out on vr0 all in pf.conf, but no packets visible in
tcpdump -nettti pflog0 either.
-krb