Source string Read only

(itstool) path: legalnotice/para
60/600
Context English State
_
translator-credits
Filtering Bridges
<email>ale@FreeBSD.org</email>
<personname><firstname>Alex</firstname><surname>Dupre</surname></personname><affiliation> <_:address-1/> </affiliation>
FreeBSD is a registered trademark of the FreeBSD Foundation.
3Com and HomeConnect are registered trademarks of 3Com Corporation.
Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the <quote>™</quote> or the <quote>®</quote> symbol.
$FreeBSD: head/en_US.ISO8859-1/articles/filtering-bridges/article.xml 53717 2019-12-29 14:13:50Z carlavilla $
Often it is useful to divide one physical network (like an Ethernet) into two separate segments without having to create subnets, and use a router to link them together. The device that connects the two networks in this way is called a bridge. A FreeBSD system with two network interfaces is enough in order to act as a bridge.
A bridge works by scanning the addresses of <acronym>MAC</acronym> level (Ethernet addresses) of the devices connected to each of its network interfaces and then forwarding the traffic between the two networks only if the source and the destination are on different segments. Under many points of view a bridge is similar to an Ethernet switch with only two ports.
Why use a filtering bridge?
More and more frequently, thanks to the lowering costs of broad band Internet connections (xDSL) and also because of the reduction of available IPv4 addresses, many companies are connected to the Internet 24 hours on 24 and with few (sometimes not even a power of 2) IP addresses. In these situations it is often desirable to have a firewall that filters incoming and outgoing traffic from and towards Internet, but a packet filtering solution based on router may not be applicable, either due to subnetting issues, the router is owned by the connectivity supplier (<acronym>ISP</acronym>), or because it does not support such functionalities. In these scenarios the use of a filtering bridge is highly advised.
A bridge-based firewall can be configured and inserted between the xDSL router and your Ethernet hub/switch without any IP numbering issues.
How to Install
Adding bridge functionalities to a FreeBSD system is not difficult. Since 4.5 release it is possible to load such functionalities as modules instead of having to rebuild the kernel, simplifying the procedure a great deal. In the following subsections I will explain both installation ways.
<emphasis>Do not</emphasis> follow both instructions: a procedure <emphasis>excludes</emphasis> the other one. Select the best choice according to your needs and abilities.
Before going on, be sure to have at least two Ethernet cards that support the promiscuous mode for both reception and transmission, since they must be able to send Ethernet packets with any address, not just their own. Moreover, to have a good throughput, the cards should be PCI bus mastering cards. The best choices are still the Intel <trademark>EtherExpress</trademark> Pro, followed by the <trademark class="registered">3Com</trademark> 3c9xx series. To simplify the firewall configuration it may be useful to have two cards of different manufacturers (using different drivers) in order to distinguish clearly which interface is connected to the router and which to the inner network.
Kernel Configuration
So you have decided to use the older but well tested installation method. To begin, you have to add the following rows to your kernel configuration file:
ComponentTranslation
This translation Translated FreeBSD Doc/articles_filtering-bridge
FreeBSD is a registered trademark of the FreeBSD Foundation.
Following strings have same context and same source.
Translated FreeBSD Doc/articles_linux-users
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_freebsd-releng
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_gjournal-desktop
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_cups
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_freebsd-update-server
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_pr-guidelines
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_rc-scripting
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_explaining-bsd
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_fonts
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_freebsd-questions
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_geom-class
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_hubs
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_nanobsd
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_problem-reports
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_releng
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_remote-install
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_serial-uart
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_vm-design
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/books_arch-handbook
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_ldap-auth
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_ipsec-must
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_linux-emulation
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_new-users
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_pam
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/books_faq
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_solid-state
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/books_porters-handbook
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_contributors
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/books_developers-handbook
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_bsdl-gpl
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_building-products
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_committers-guide
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/articles_contributing
FreeBSD is a registered trademark of the FreeBSD Foundation.
Translated FreeBSD Doc/books_handbook
FreeBSD is a registered trademark of the FreeBSD Foundation.

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

The translations in several languages have failing checks

Reset

Glossary

English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: legalnotice/para
Labels
No labels currently set.
Flags
read-only
Source string location
article.translate.xml:14
Source string age
11 months ago
Translation file
string