Hi all. I didn't find any thread discussing it, sorry if I am re-posting the same subject. Is there a way to check the ipfilter/ipfw out-flow with bridge? Is it implemented already? The case ilustrated in most howtos is shown with only two NICs NET-1 || ___________ |bridge-fw| ----------- || NET-2 It's important for us to use a bridge-fw with three NICs. NET-1 || ___________ |bridge-fw|== NET-3 ----------- || NET-2 without the out packet controling, a solution with three or more NIC's could lead to an information leak problem. I've heard this checking is not done due a performance issue (it's writen in ipf-howto), but performance is not the main goal in this particular situation. I would like to have the stateful firewall and the bridge _fully_ working together. If there's anything I can do to contribute, I'll be happy to help. []'s --aristeu