Date: Thu, 5 Aug 1999 21:46:41 +0200 (MEST) From: Christian Kratzer <ck@toplink.net> To: vagner@WWW.TIMANDPATRICK.COM Cc: Eric Lee Green <elgreen@iname.com>, freebsd-questions@FreeBSD.ORG, Joe <ibjoe@home.com> Subject: Re: FREEBSD, Proxy Server, Cable Modem Message-ID: <Pine.LNX.4.10.9908052139390.31639-100000@hirvi.toplink.net> In-Reply-To: <XFMail.990805121422.vagner@vagner.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, the point Eric was getting upset about was propably that you said yuo were only using one network card and a hub. Your cable modem is a bridge. In a setup like this all yuor ip's and mac address would leak to the public side even if you would route them onto a nat firewall first. All it needs is an arp request coming in over the wire for the ip address range yuo are using internally and your machines would answer and expose themselves. If you are running only one network card you are unprotected. Greetings Christian On Thu, 5 Aug 1999 vagner@WWW.TIMANDPATRICK.COM wrote: > Sorry it isnt me, I am using firewall and natd and i dont use the 192.168.1.xxx > for my internal addresses. > > a quick scan of their network revealed 542 duplicate ip addresses in the > range of 192.168.x.x so there are alot of "Morons" on their network > which is probably correct since they only support Microsoft morons. > > > > On 05-Aug-99 Eric Lee Green wrote: > > On Thu, 05 Aug 1999, vagner@www.timandpatrick.com wrote: > >> I also have a similiar setup, mine has only one network card, > >> basically come out of the cable modem into a hub and just plug in the > >> freebsd > >> machine and then point the other machines to the freebsd machine that has > >> firewall and natd running. > > > > So *YOU* are the moron making my kernel complain that "192.168.1.1 is on de0, > > but was accessed from rl0". (Yes, I'm on cable modem too). > > > > It's silliness like this that's going to get FreeBSD and Linux users banned > > from the cable network. You can't just put any old addresses out onto a > > public Ethernet (which is what the cable "modem" is, basically) and expect > > the > > rest of us to put up with it. > > > > Put another card into your machine and use it as a gateway and firewall. > > Please. > > I'll even send you a spare RTL-based card if you want (they're slow and > > worthless for real work, but okay for half-duplex 10BaseT), and provide > > detailed > > setup for how to set up ipfw and natd (it's pretty easy, just a couple of > > rc.conf tweaks). Just please quit polluting the public network with your > > private > > addresses! > > > > -- > > Eric Lee Green http://members.tripod.com/e_l_green > > mail: e_l_green@hotmail.com > > ^^^^^^^ Burdening Microsoft with SPAM! > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > ---------------------------------- > E-Mail: vagner@vagner.com or kf7nn@kf7nn.com > Date: 05-Aug-99 > Time: 12:07:46 > > "What the hell are you getting so upset about? I thought you > didn't believe in God." > "I don't," she sobbed, bursting violently into tears, "but the > God I don't believe in is a good God, a just God, a merciful God. He's > not the mean and stupid God you make Him out to be." > -- Joseph Heller, "Catch-22" > > This message was sent using FreeBSD Unix. > ---------------------------------- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- TopLink Internet Services GmbH ck@171.2.195.in-addr.arpa Christian Kratzer http://www.toplink.net/ Phone: +49 7032 2701-0 Fax: +49 7032 2701-19 FreeBSD spoken here! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.9908052139390.31639-100000>