According to the ipfw man page I should be able to use:
sysctl -w net.link.ether.bridge_ipfw=1
in order to route the bridged packets to ipfw.
When I try that on (Mountain) Lion though I get:
net: class is not implemented
I am missing something?
Hmmm, looks like what I am trying to do is a dead end in OS X.
ipfw is deprecated in OS X 10.8 and can't be relied upon.
Retrieving data ...