Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Different filtering for bridges

    Scheduled Pinned Locked Moved
    Development
    2
    5
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prodius
      last edited by

      Pfsense currently generates "pass all out on xxx" for all the bridgemembers and the user has to create the inbound rules. Wouldn't it be easier, even more logical to pass everything in/out on the interface near the servers, so that the user only has to create rules on the WAN interface? I assume this only makes sense when working with 2 bridgemembers, which is most used I think (??).

      I'm curious what others think. My experience is limited to routing setups with checkpoint, so I'm new to bridges (although I built bridges in the army :))

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        -HEAD features bridge groups where you can assign rules to the bridges themselves.  This will be in 2.0.  But for 1.X we will keep the functionality the same as it is now.

        1 Reply Last reply Reply Quote 0
        • P
          prodius
          last edited by

          Rapid spanning tree also in -HEAD?

          see http://www.freebsd.org/news/status/report-june-2006-oct-2006.html#Bridge-Spanning-Tree-Protocol-Improvements

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            No GUI for the feature just yet but it is planned.

            1 Reply Last reply Reply Quote 0
            • P
              prodius
              last edited by

              ok, thx for the answer.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post