[SOLVED] Bridged connection - new rules?

Panja · Oct 6, 2015, 6:31 PM

I had WAN + LAN configured. With a few rules on the LAN interface (anti-lockout rule, etc).
Now I have added a WIFI interface and made a bridge.

I now have: WAN, LAN, WIFI, LAN_PORT

WAN = re0
LAN = bridge (WIFI + LAN_PORT)
WIFI = at0
LAN_PORT = re1

The rules that are on the LAN interface (which is now a bridge) do not work anymore.
I have to re-add the same rules for WIFI and LAN_PORT.

Is that normal behavior?
I though that every rule I set for LAN will work for WIFI + LAN_PORT because they are bridged. So you set the rules for the bridge.
But that is not correct, right?

robi · Oct 5, 2015, 11:25 AM

You have to move over the rules from the old interface to the bridge.
Just go to edit each rule, and select at interface, the new bridge interface.

Panja · Oct 5, 2015, 1:57 PM

Thanks for the help.
But that's not possible. The bridge cannot be selected.

doktornotor · Oct 5, 2015, 3:04 PM

You should ask yourself WHY did you make that bridge in the first place. Not needed, not wanted mostly, pain to switch assignments to on a configured system.

Panja · Oct 5, 2015, 3:28 PM

Why I made the bridge?
Because I want it to be a part of my network?

My MacBook Pro (which I use 8 - 10 hours a day) does not have a RJ45 connection, only wifi.
It needs to be able to connect to other devices (NAS, other computer) on my wired network.

If you know a way to do this without the bridge, please do tell me!

I will create a seperate wifi network for guests, which of course will not be a part of my main network.

doktornotor · Oct 5, 2015, 5:09 PM

@Panja:

If you know a way to do this without the bridge, please do tell me!

That works out of the box. Nothing to be done there except a dead simple one firewall rule to allow traffic, same as the default one on LAN. (If you want the Bonjour nonsense, then install Avahi package.)

Panja · Oct 5, 2015, 5:41 PM

Hmmm oke.
But if I do that I would need a 2nd DHCP server for the wifi interface right?
That will than serve a different range than my LAN interface?

doktornotor · Oct 5, 2015, 5:48 PM

DHCP server is configured per interface, yes.

Panja · Oct 5, 2015, 6:27 PM

Ok, but what if I want them all on the same subnet?

doktornotor · Oct 5, 2015, 7:06 PM

We are going in rounds. Bye.

Panja · Oct 5, 2015, 7:18 PM

Huh?

That's a bit rude imo.
I'm not being a smart ass here I just want my box to work the way I want.

Wired and wireless on the same subnet, I guess I need bridging for that.
So that's why I set it up.

Sorry if I'm not at your level of expertise.
I'm still a newbie here and trying to learn.
But with replies like "We are going in rounds. Bye." it's kinda hard to learn things…

Panja · Oct 6, 2015, 6:14 AM

I have fixed the problem myself.
Following THIS guide here on the forums fixed my problem.
I can now set the firewall rules on the bridged interface (=LAN) and they are used by all members of that bridge.