Filtering Bridge pfSense 2 RC-3 - SOLVED

josueharos

After a couple of tests this is what i have done, with no luck

1. Fresh Install
xl0 –> WAN
rl0 --> LAN
2. Interface --> Assign --> Bridges
- Create a new bridge
BRIDGE0 (LAN,WAN)
3. Interface --> Assign
- Create a new interface and assign the bridge
New Interface --> Bridge (BRIDGE0)
4. Enable and set ip to Bridge New interface
5. Create a rule on BRIDGE and LAN [ UDP 0.0.0.0 68 255.255.255.255 67 ]
6. Create a rule on LAN [Any LAN Subnet * * *]
7. Set LAN and WAN type to NONE

Hope someone can take me back to the road

eri--

You have to set unser System->Advanced->Tunables
net.link.bridge.pfil_member = 0
net.link.bridge.pfil_bridge = 1

wallabybob

@josueharos:

5. Create a rule on BRIDGE and LAN [ UDP 0.0.0.0 68 255.255.255.255 67 ]

This is so DHCP gets forwarded from rl0 to WAN? Does that much work?

@josueharos:

4. Enable and set ip to Bridge New interface
6. Create a rule on LAN [Any LAN Subnet * * *]
7. Set LAN and WAN type to NONE

So LAN doesn't have an IP address. What IP addresses will match LAN Subnet in the firewall rules?

I setup a bridge on my pfSense to bridge ath0 (WiFi) and rl0 (wired) and have a common DHCP server. My LAN interface is bridge0 which has members ath0 and rl0. LAN is configured with a static IP address and DHCP enabled. ath0 and rl0 have firewall rules to allow DHCP and traffic from LAN net to any. I have the default settings of net.link.bridge.pfil_member and net.link.bridge.pfil_bridge:

net.link.bridge.pfil_member = 1
net.link.bridge.pfil_bridge = 0

eri--

4. Enable and set ip to Bridge New interface

He wants the ip on the bridge itself.

josueharos

Ok, i will make the changes to system tunables and see what happens. Should i consider adding a third interface for administration? After playing with this i needed to reset to factory default the router because i could not logon (no ips on interfaces).

Also, is the procedure i posted above correct?

Thank you for your time