• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

NetGraph ETF Help



Messages: 26

I'm hoping someone here can help me. I am trying to create a simple ethernet filtering netgraph, but the syntax for the last connection isn't write in the man pages (or else I'm doing something wrong).

For context, I'm trying to filter EAP traffic coming in on my LAN interface and directly forward that traffic out my WAN interface. All other incoming LAN traffic is to be handled by the networking stack. A (horrid) ASCII art representation of my desired netgraph would look like this:

lower -> em0 -> downstream -> ETF -> no match -> upper em0
-> match -> lower em1

The script I have written is this:

#! /bin/sh
ngctl mkpeer em0: etf lower downstream
ngctl name em0:lower lan_filter
ngctl connect em0: lan_filter: upper nomatch
ngctl msg lan_filter: setfilter { matchhook="em1:lower" ethertype=0x888e }
The last line of this little script generates the following error message:

ngctl: send msg: Invalid Argument
Can someone please help?


EDIT - If this is better posted in one of the other networking sub-forums, please feel free to move.