Discussion:
bridge(4)+ NPF
(too old to reply)
Stephen Borrill
2017-03-23 09:03:08 UTC
Permalink
I've happily used BRIDGE_IPF in the past, but given IPFilter 5's lack of
stability, I've been forced to consider NPF even with its missing
functionality. Does NPF have a similar option to BRIDGE_IPF?
--
Stephen


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Mindaugas Rasiukevicius
2017-03-23 23:58:02 UTC
Permalink
Post by Stephen Borrill
I've happily used BRIDGE_IPF in the past, but given IPFilter 5's lack of
stability, I've been forced to consider NPF even with its missing
functionality. Does NPF have a similar option to BRIDGE_IPF?
Despite the name, BRIDGE_IPF is pretty generic code -- it just passes
the bridged packets through the pfil(9) hooks, with the Etherned header
temporarily removed. I did not inspect the BRIDGE_IPF code in detail,
but generally there should be no reason why it would not work with NPF
or other packet filters.

Also, having the BRIDGE_IPF kernel option does not seem to be worth
these days. The #ifdef-ed code is small and it's configured by a flag.
--
Mindaugas

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...