> > I plan to design a netgraph as follows:
> >
> > iface1
> > /
> > fxp0 <-> bpf
> > \
> > iface2
>
>I forgot to add in my previous response that you'd have to do this like:
>
>fxp0: <--> bpf <--> bpf <--> interface0
> \ \
> \ ------>interface1
> \
> \------------>interface2
>
>as each bpfnode hook only selects between a
>"match" and "no match" hook.
>
>you could do it with one node as follows:
>
>
> +----------------------------+
> | |
> +->(hook2)[ ] |
>fxp0:(lower)<->(hook1)[bpf](nomatch1)----+
> [ ](match1)<-------->(upper)fxp0:
> [ ](nomatch2)<------>(hook)iface1:
> [ ](match2)<-------->(hook)iface2:
>
>i.e. loop the data back through the same node twice to effect two rules on
>the same data.
Or you could use the ALL mode in the one2many node. That way all incoming
traffic would reach all interfaces. Interfaces should still only accept
packets meant for themselves.
Or you the bridge node.
DocWilco
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message