From 858c61cb78e5beff76dc6baa138e28b70b61dc3d Mon Sep 17 00:00:00 2001 From: Jason McIntyre Date: Thu, 26 Oct 2006 18:03:11 +0000 Subject: no need to cause every reference to pf to be an Xr; on the other hand, referencing `PF' is not so helpful either; mutated from a diff from okan demirmen; --- share/man/man4/bridge.4 | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/share/man/man4/bridge.4 b/share/man/man4/bridge.4 index d79f2fa9b5e..cf62889e720 100644 --- a/share/man/man4/bridge.4 +++ b/share/man/man4/bridge.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bridge.4,v 1.63 2006/10/23 07:01:35 jmc Exp $ +.\" $OpenBSD: bridge.4,v 1.64 2006/10/26 18:03:10 jmc Exp $ .\" .\" Copyright (c) 1999-2001 Jason L. Wright (jason@thought.net) .\" All rights reserved. @@ -63,7 +63,7 @@ configuration file for .Xr netstart 8 . .Pp The bridges provided by this interface are learning bridges with -filtering, see +filtering; see .Xr pf 4 . In general a bridge works like a hub, forwarding traffic from one interface to another. @@ -95,8 +95,7 @@ contains an or .Xr ip6 4 datagram; if so, the datagram is run through the -.Xr pf 4 -interface so that it can be filtered. +pf interface so that it can be filtered. .Sh IOCTLS A .Nm @@ -573,9 +572,9 @@ and destination addresses reversed between interfaces, two state entries (one for each direction) are required when all interfaces are filtered statefully. .Pp -Return packets generated by PF itself are not routed using the +Return packets generated by pf itself are not routed using the kernel routing table. -Instead, PF will send these replies back to the same Ethernet +Instead, pf will send these replies back to the same Ethernet address that the original packet came from. This applies to rules with .Ic return , @@ -593,8 +592,7 @@ are unsupported. If an IP packet is too large for the outgoing interface, the bridge will perform IP fragmentation. This can happen when bridge members -have different MTUs or when IP fragments are reassembled by -.Xr pf 4 . +have different MTUs or when IP fragments are reassembled by pf. Non-IP packets which are too large for the outgoing interface will be dropped. .Pp -- cgit v1.2.3