I have a Fritz!Box 7490 router which is unable to handle port forwarding and firewall ACL rules on IPv4 or IPv6 aliases, since the MAC address is the same for the alias IP addresses. See also the Knowledge-base item.
I am running jails on my system; as such, I really need to be able to set ACLs and port forwardings on a per-IP basis. Since I am not able to change the Fritz!Box (and cannot disable the firewall), I have to fix it on the FreeBSD side.
I have been fiddling with creation of tun(4)/tap(4) devices to create virtual MAC addresses and combine them with a bridge(4) to the bge(4) interface, yet I do not think I am following the proper route, since the tun/tap interfaces need to be controlled in order to be marked 'up'/'active'.
Hints welcome on alternative software-based routes to follow.