> Thank you for your response. Btw, I've been reading over the
> bridge code ... many thanks for this valuable resource!
>
> The problem with the "just let it be a router" approach is that I
> want all traffic from B to go to A and C, not just that which is
> actually intended for said net (yes all can be considered nets).
the thing is, i do not see much point for doing this (there would
be no receivers on the 'wrong' segment), so it would be easier for me to
understand what you have in mind if you describe the reason you want
to do this.
> specific denies, e.g.:
> deny from A via ifC
> instead of
> deny from A to C
>
> I still get confused with via.
'via' does not work well with bridged packets, as ipfw has no
info on the output interface (as there can be more than one, essentially,
and ipfw is invoked only once and _before_ the output if is selected).
cheers
luigi
----------------------------------+-----------------------------------------
Luigi RIZZO, [EMAIL PROTECTED] . ACIRI/ICSI (on leave from Univ. di Pisa)
http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704
Phone: (510) 666 2927
----------------------------------+-----------------------------------------
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
