git: kernel - Add a transparent MAC bridging feature to if_bridge

Matthew Dillon dillon at
Sat Feb 19 13:10:14 PST 2011

commit be02a6a09a5d3fe2845dd2ac135fe8f23cfb1934
Author: Matthew Dillon <dillon at>
Date:   Sat Feb 19 12:57:56 2011 -0800

    kernel - Add a transparent MAC bridging feature to if_bridge
    * Defaults to non-transparent (historical) operation, which is safer.
      Set link0 to use in transparent MAC mode.
    * Transparent MAC mode will attempt to retain the MAC source in the
      link address header when retransmitting a packet on a different
      Only IP/IPV6 packets will retain the MAC.  ARP and other ether types
      will get the outgoing interface's MAC address, which is usually
    * Note that transparent MAC mode is a bit dangerous, which is why it
      isn't turned on by default.  If a packet with the originating MAC
      winds up being sent out the same interface it came in on with the
      MAC intact, any switches between the two boxes will suddenly think
      the originating machine is somewhere else and will get confused.
      The code tries to avoid this situation.
      Bridging loops can also cause this sort of behavior even with the spanning
      tree protocol.  link0 is not recommended if you have loops.
    * Coded because I needed this for braindead at&t uverse routers which
      do MAC-based security and only allow one IP association for each MAC,
      and whos firewalls cannot be completely disabled, and which cannot deal
      with IPs on routed networks (it expects everything to be directly connected
      on a switched network. sigh).

Summary of changes:
 share/man/man4/bridge.4    |   19 +++++++++++++++++++
 sys/net/bridge/if_bridge.c |   36 ++++++++++++++++++++++++++++++++++++
 sys/net/pf/pf.c            |    8 ++++++++
 sys/sys/mbuf.h             |   13 ++++++++++++-
 4 files changed, 75 insertions(+), 1 deletions(-)

DragonFly BSD source repository

More information about the Commits mailing list