From: Reinier Bezuidenhout
Reply-To: rbezuide@oskar.nanoteq.co.za
To: Robert Watson
Cc: freebsd-hackers@FreeBSD.ORG, ports@FreeBSD.ORG
Subject: RE: vmware changes result in nasty bridging mess
Date: Thu, 03 Aug 2000 09:10:06 +0200 (SAST)

I'm using vmware2 in a different way ... I do not have bridging
enabled in the kernel. I'm using the host method although I do not
have a "legal" subnet on the other side. I've meant to contact the port
maintainer so he can add this to the Hints.FreeBSD file.

I've configured 10.1.1.1 for the vmnet device, and 10.1.1.2 in Windows.
I use ipfw and natd to translate the info ... this works like a charm.

I'm using the latest port of vmware and I don't see those messages,
probably because I do not have BRIDGING enabled in the kernel.

For those interested .. here are the natd and ipfw rules.

    natd -u -a
    ipfw a 3 divert natd all from 10.1.1.2 to any out via vr0
    ipfw a 4 divert natd all from any to in via vr0

I'm even accessing the NT servers :), browsing bla bla bla :)

Regards
Reinier

On 02-Aug-00 Robert Watson wrote:
>
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> bridge_in-- reading table
> ...
>
> The vmware2 port now seems to enable bridging by default, and generate a
> kernel message for every ethernet packet sent. Bridging on by default may
> have nasty side effects for multi-interface machines (especially security
> side effects). I haven't read the code (I admit) but I am finding the
> current behavior both (a) irritating (messages) and (b) worrying
> (unpredicted bridging with potential side effects).
>
> Robert N M Watson
>
> robert@fledge.watson.org http://www.watson.org/~robert/
> PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
> TIS Labs at Network Associates, Safeport Network Services

R.N. Bezuidenhout              NetSeq Firewall
rbezuide@oskar.nanoteq.co.za   http://www.nanoteq.co.za
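
Added example, not part of the original message or of the vmware2 port: a small audit for the two points the thread raises, whether kernel bridging is on and whether every divert rule is tied to one interface. It assumes the FreeBSD 4.x bridge(4) sysctl `net.link.ether.bridge`; the function names are hypothetical, 192.0.2.10 is a placeholder for the outside address missing from the message, and rule 5 is constructed to show a finding.

```shell
#!/bin/sh
# bridging_state VALUE
# VALUE is what `sysctl -n net.link.ether.bridge` printed (assumed OID,
# FreeBSD 4.x bridge(4)); pass an empty string when the OID does not exist.
bridging_state() {
    case "$1" in
        "") echo absent ;;   # kernel built without bridging support
        0)  echo off ;;      # compiled in but disabled
        *)  echo on ;;       # anything else is treated as enabled
    esac
}

# unscoped_diverts IFACE   (rules on stdin, one ipfw command per line)
# Prints each divert rule that is not restricted to IFACE with "via".
# On a multi-interface host such a rule hands traffic from every
# interface to natd, not only the one facing the outside network.
unscoped_diverts() {
    awk -v ifn="$1" '
        /(^|[ \t])divert[ \t]/ {
            ok = 0
            for (i = 1; i < NF; i++)
                if ($i == "via" && $(i + 1) == ifn) ok = 1
            if (!ok) print
        }'
}

# Constructed sample in the format used in the message.
SAMPLE_RULES='ipfw a 3 divert natd all from 10.1.1.2 to any out via vr0
ipfw a 4 divert natd all from any to 192.0.2.10 in via vr0
ipfw a 5 divert natd all from any to any'

echo "bridging: $(bridging_state 0)"
echo "divert rules not limited to vr0:"
printf '%s\n' "$SAMPLE_RULES" | unscoped_diverts vr0
```

On a live host, pass the real sysctl value as the argument and pipe the firewall script that loads the rules into `unscoped_diverts`.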