VLAN and IPFilter

To: netbsd-users%netbsd.org@localhost
Subject: VLAN and IPFilter
From: Phil Schilling <pjschilling%gcstech.net@localhost>
Date: Mon, 17 Aug 2015 15:51:38 -0500

I have a Soekris box with 4 wm interfaces.  It is setup as a firewall with the following configuration.

wm0 - Outside Interface   	10.0.0.254/24
wm1 - Inside Interface		192.168.0.0/24
wm2 - VLAN interface
vlan0 - attached to wm2		192.168.5.0/24

My issue is I need to restrict traffic from the 192.168.0.0/24 network to and from the 192.168.5.0/24 network.  I would like to use IPFilter to do this but am having trouble getting it to work.  IPNAT allows the 0/24 and 5/24 network out to the internet, but if I try any rules restricting traffic from wm1 to vlan0 or wm2 it breaks internet access for the VLAN’d network.  
Any help would be greatly appreciated as to the correct way to limit the traffic between the two interfaces.  Thank you in advance.

Phil Schilling

Prev by Date: Re: Necessity of rebuilding pkgsrc after updating the system
Next by Date: /usr/pkg on its own partition?
Previous by Thread: Configuring wep wireless during installation?
Next by Thread: /usr/pkg on its own partition?
Indexes:

Home | Main Index | Thread Index | Old Index