Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Filtering bridge

    Problems Installing or Upgrading pfSense Software
    2
    3
    1779
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cubsfan
      last edited by

      Just to make sure I understand the filtering bridge completely, what I've done is setup a bridge between my OPT1 card and my WAN card to create a DMZ so I don't have to redo my DMZ addressing.  If I leave the bridge filtering off does that mean that my DMZ is wide open from the outside?

      Or will my DMZ be protected by pf at all setup in this way?  Assuming the router in front of pf will completely ignore pf in this configuration since it will be directly attached.

      Guess I also wonder if I need to (or am allowed to) bridge the other way.  Assign a public address to my OPT1 card and bridge the WAN to that?  Little hazy on how the bridging all works in the grand scheme of things.

      thanks

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Without filtering bridge traffic between the bridged interfaces is allowed without filtering (and only between the bridged interfaces). In your setup you most likely want the filtering activated and only allow needed ports and protocols. See http://pfsense.trendchiller.com/transparent_firewall.pdf for some details.

        1 Reply Last reply Reply Quote 0
        • C
          cubsfan
          last edited by

          So just by virtue of being bridged, the traffic will route thru pf?  Guess they've got to in the end because that's how it will physically be wired up.  When I have my DMZ machines connected to the OPT1 interface is pf doing some sort of proxy arp for the machines on the bridged interface?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post