OpenBSD « BSD Brasil’s Weblog

Creating a transparent firewall with redundant bridge using bridge+pf+pfsync

were used OpenBSD 4.2 on test

Using 4 network interfaces:

fxp0 = internal net
fxp1 (bridge0) = input traffic general
fxp2 (bridge0) = output traffic general
fxp3 = PFSync

MACHINE 1

Configuring the internal net interface:

# vi /etc/hostname.fxp0
inet 172.16.0.1 255.255.255.0 172.16.0.255 description “Internal Link”

Configuring the bridge (input/output) interface:

# vi /etc/hostname.fxp1
media 100baseTX mediaopt full-duplex
up

# vi /etc/hostname.fxp2
media 100baseTX mediaopt full-duplex
up

# vi /etc/bridgename.bridge0
add fxp1
add fxp2
up

Doing the same on another machine changing only the ips:

MACHINE 2

Configuring the internal net interface:

# vi /etc/hostname.fxp0
inet 172.16.0.2 255.255.255.0 172.16.0.255 description “Internal Link”

Configuring the bridge (input/output) interface:

# vi /etc/hostname.fxp1
media 100baseTX mediaopt full-duplex
up

# vi /etc/hostname.fxp2
media 100baseTX mediaopt full-duplex
up

# vi /etc/bridgename.bridge0
add fxp1
add fxp2
up

S	M	T	W	T	F	S
« Dec
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

BSD Brasil’s Weblog

Archive for the 'OpenBSD' Category

Transparent Firewall With Redundant Bridge

Search:

Calendar:

Recent Posts

Categories

Archives

BSD Brasil

Follow “BSD Brasil's Weblog”