docs/96127: add hint to pass arp packets through filtering bridg
>Number: 96127
>Category: docs
>Synopsis: add hint to pass arp packets through filtering bridge to advanced-networking doc
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Apr 21 08:40:12 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Toni Schmidbauer
>Release: FreeBSD 6.0-STABLE i386
>Organization:
stderror.at
>Environment:
System: FreeBSD skunk.user.lan.at 6.0-STABLE FreeBSD 6.0-STABLE #0: Thu Nov 10 20:29:49 CET 2005 root@skunk.user.lan.at:/usr/obj/usr/src/sys/alpha i386
>Description:
currently it is stated in the advanced networking section in
the handbook to add IPFIREWALL_DEFAULT_TO_ACCEPT to allow arp through a
filtering bridge. this is not false, but there's a better way
to do it.
>How-To-Repeat:
>Fix:
diff -u handbook/advanced-networking/chapter.sgml.orig handbook/advanced-networking/chapter.sgml
--- handbook/advanced-networking/chapter.sgml.orig Fri Apr 21 09:31:35 2006
+++ handbook/advanced-networking/chapter.sgml Fri Apr 21 09:41:11 2006
@@ -1919,6 +1919,14 @@
changes the default rule for the firewall to accept any packet.
Make sure you know how this changes the meaning of your ruleset
before you set it.</para>
+
+ <para>One other way to allow only arp packets through a filtering bridge,
+ is to add the following firewall rule:
+
+ <programlisting>ipfw add allow mac-type arp layer2<programmlisting>
+
+ so you do not have to set <literal>IPFIREWALL_DEFAULT_TO_ACCEPT</literal>.
+ <para>
</sect3>
<sect3>
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-doc@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-doc
To unsubscribe, send any mail to "freebsd-doc-unsubscribe@freebsd.org"