Yep, see snippet from man page for brconfig(8)
The following commands will tag packets from and to 9:8:7:6:5:4 on fxp0
so that pf(4) can refer to them using the tagged directive:
# brconfig bridge0 rule pass in on fxp0 src 9:8:7:6:5:4 tag boss
# brconfig bridge0 rule pass out on fxp0 dst 9:8:7:6:5:4 tag boss
An example pf.conf(5) rule using this tag is:
pass tagged boss queue q_med
You created bridge device for your NIC and then you can use tag boss
in pf rules. The change in future will be that there will be no
brconfig(8) command, but it will be included in ifconfig(8).
On Sun, Feb 21, 2010 at 10:52 AM, Jean-Francois <jfsimon1...@gmail.com> wrote:
> I am not completely sure to understand, is it possible to make a pseudo device
> bridged to an interface and marking the packets with a tag according to rules
> based on MAC adress and then to take account of the tag in pf while doing NAT
> translation to a second interface ?
>
> In my opinion, this might be possible.
>
> Reagrds
>
>
--
http://www.openbsd.org/lyrics.html
