# ipfw + bridge + pppoe



## allein (Jan 21, 2009)

Hi guys!
Just wondering if any of you know how to filter traffic (PPPoE, TCP, IP) by means of ipfw, on a bridge with FreeBSD 7.x installed, in the case when all traffic passing through the bridge is encapsulated in PPPoE.
Thanks.


----------



## DutchDaemon (Jan 21, 2009)

As far as I know, packet filters take packets 'as is'. If you want to act on the contents of packets, you'll need a packet-inspecting ('decapsulating') firewall.


----------



## allein (Jan 21, 2009)

I need to observe the content of the packet, i.e. TCP and IP. PPPoE is going through the bridge. I need to tune the kernel with sysctl and tell ipfw how to check packets based on my rules. So guys, I need your help with how to do this.


----------



## allein (Jan 21, 2009)

DutchDaemon, thank you. What did you mean by this packet-inspecting ('decapsulating') firewall?
Guys, please let me know if you've tried to solve a task like the one I asked about.


----------



## DutchDaemon (Jan 21, 2009)

You can only inspect those packets if the encapsulation/decapsulation takes place on your bridge. It's a bit like local SSL termination to inspect traffic from https sites for virus scanning.


----------



## DutchDaemon (Jan 21, 2009)

I think you'll need something like a Checkpoint/SonicWall firewall, and I'm not even sure about those (they can do application layer (L7) filtering, but PPPoE isn't exactly layer 7).


----------
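What "decapsulating" involves, as an added example that is not part of the thread: a Python sketch that walks a PPPoE session frame (EtherType 0x8864) down to the inner IPv4/TCP fields a filter rule would have to match on. The function names and the sample frame are constructed for illustration; it assumes no VLAN tag and an uncompressed 2-byte PPP protocol field.

```python
import ipaddress
import struct

ETH_PPPOE_SESSION = 0x8864  # EtherType of PPPoE session frames (discovery is 0x8863)
PPP_IPV4 = 0x0021           # PPP protocol number for IPv4
IPPROTO_TCP = 6

def ethertype(frame: bytes) -> int:
    """EtherType as seen by a filter that takes the frame 'as is'."""
    return struct.unpack("!H", frame[12:14])[0]

def inner_tcp_flow(frame: bytes):
    """Return (src_ip, src_port, dst_ip, dst_port) of TCP carried in PPPoE, else None."""
    if len(frame) < 22 or ethertype(frame) != ETH_PPPOE_SESSION:
        return None
    ver_type, code, _session, length = struct.unpack("!BBHH", frame[14:20])
    if ver_type != 0x11 or code != 0x00:      # version 1, type 1, session data
        return None
    ppp = frame[20:20 + length]               # length covers PPP protocol field + payload
    # Assumption: 2-byte PPP protocol field (no protocol field compression).
    if len(ppp) < 2 or struct.unpack("!H", ppp[:2])[0] != PPP_IPV4:
        return None                           # LCP, IPCP, IPv6, ...
    ip = ppp[2:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if ihl < 20 or ip[9] != IPPROTO_TCP or frag_offset or len(ip) < ihl + 4:
        return None                           # non-TCP, later fragment, or truncated
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    return (str(ipaddress.IPv4Address(ip[12:16])), sport,
            str(ipaddress.IPv4Address(ip[16:20])), dport)

def sample_frame() -> bytes:
    """Constructed frame: TCP SYN 192.0.2.10:49152 -> 198.51.100.20:80 inside PPPoE."""
    src = ipaddress.IPv4Address("192.0.2.10").packed
    dst = ipaddress.IPv4Address("198.51.100.20").packed
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64,
                     IPPROTO_TCP, 0, src, dst)  # checksums left at 0, not verified here
    ppp = struct.pack("!H", PPP_IPV4) + ip + tcp
    pppoe = struct.pack("!BBHH", 0x11, 0x00, 0x0001, len(ppp))
    eth = bytes(6) + bytes.fromhex("020000000001") + struct.pack("!H", ETH_PPPOE_SESSION)
    return eth + pppoe + ppp

if __name__ == "__main__":
    f = sample_frame()
    print(hex(ethertype(f)), inner_tcp_flow(f))
```

A filter that looks only at the outer frame sees EtherType 0x8864 rather than 0x0800, so IP and TCP rules have nothing to match until the 8 bytes of PPPoE and PPP header are stepped over.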

