Date: Tue, 07 Aug 2001 10:40:44 -0500 From: "Douglas G. Allen" <dallen@roe35.lth2.k12.il.us> To: "David Pick" <D.M.Pick@qmw.ac.uk> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw question Message-ID: <200108071040440170.00CFFECC@mail.roe35.lth2.k12.il.us> In-Reply-To: <E15U83q-0005IG-00@xi.css.qmw.ac.uk> References: <E15U83q-0005IG-00@xi.css.qmw.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
David, >However, *if* the two IP addresses are within the same subnet, then >I do agree with you that they should have the same netmask. And should >be on the same interface! Since the subnet mask in this case is >255.255.255.192 it isn't clear from the "a.b.c.d" and "a.b.c.e" if >the two addresses are in the same subnet or different but close >subnets. Both IP addresses are within the same subnet and are intended to be within= the same subnet. In this instance, once everything is moved around and= loaded, d=3D60, e=3D43. What it sounds like to me is that I need to set= the netmask on the alias to 255.255.255.192 and then have a set of= firewall rules for the true IP and the alias. Does this sufficiently= clarify things? I was under the impression that the alias had to have a= mask of 255.255.255.255 in order to work correctly. Is my impression in= error?? Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108071040440170.00CFFECC>