Filtering Bridge locks out everything
-
ive got
Version 1.0.1
built on Sun Oct 29 01:45:08 UTC 2006there is no loop the interfaces are definitely on two "different networks"
just to be sure:
Status up
MAC address 00:0d:b9:03:5d:89
IP address 10.22.2.214
Subnet mask 255.0.0.0
Gateway 10.0.0.1
ISP DNS servers 10.0.0.11
10.0.0.2
Media 10baseT/UTP
In/out packets 24355623/25519222 (1.75 GB/2.68 GB)
In/out errors 48/13
Collisions 5449498
Bridge (bridge0) learningLAN interface (sis0)
Status up
MAC address 00:0d:b9:03:5d:88
IP address 10.2.2.214
Subnet mask 255.0.0.0
Media 100baseTX <full-duplex>In/out packets 25094783/24201341 (2.66 GB/1.49 GB)
In/out errors 0/0
Collisions 0
Bridge (bridge0) learning</full-duplex> -
In/out errors 48/13
Collisions 5449498there is a big problem on youre network
-
thats ok because an the wan side there is a BNC - Coax network - a hub between coax and pfsense does the medium conversion
-
well 20% of youre traffic is ending up on the hospital and has to be send again
-
yupp i know - about 50 ppl on a segmented switched coax lan - but thats not the problem… bridging as such is working fine. but when you activete the filtering bridge - no more traffic ;)
-
i have absultly the same problem with filtering bridge .. when i open the filtering bridge option in system->advanced all traffic will block no matter what rules i set in firewall
-
are there any news to this topic?
there must be more ppl with this problem if it really is a problem…
if i compare it with the ruleset of my obsd in the pf.conf i miss all the outgoing rules. (pass in - pass out)but actually i am not THE firewall - knowingitall kind a guy.but seriously
any news would be great! -
I have been blocked exactly the same way using the bridging tutorial.
try setting the LAN ip with something completely outside your networks.
It worked for me -
Weehaaaa thats it!
That must be definitely a bug!
when activating the filtering bridge the other address must be completely in another range. then it works like a charm!
thanx Tinozaure
-
It is not a bug, it is how FreeBSD works.