[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Four-port bridge?

Hi list,

Sorry for the newbie question, but I haven't been able to find anything in either the docs or the mailing list archive.

I've set up a transparent firewall with four NICs. Works like a charm, love the way PF works. At the moment I'm only filtering the external interface, including blocking all Windows related ports (135-139, 1433 for example) both in and out.

On the remaining interfaces, everything is allowed. One segment has an Exchange server, another segment the clients. Clients are having problems with Outlook not responding, problems they didn't have in the old setup (Linux router with internal address ranges).

Do rules on the external interface apply to packets that travel over the other interfaces somehow? I haven't been able to reproduce the problem, tried with the full ruleset and the most basic 'block in all, pass out keep state' type rules on the external interface.

But just to be sure; does a firewalling bridge setup work with more than two interfaces? Do I need any special tricks?