Date:      Thu, 20 Apr 2006 17:59:33 +0200
From:      Fabian Keil <freebsd-listen@fabiankeil.de>
To:        dick hoogendijk <dick@nagual.st>
Cc:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: wrired-wireless if_bridge question
Message-ID:  <20060420175933.7168a7f0@localhost>
In-Reply-To: <20060418212724.GA17694@lothlorien.nagual.st>
References:  <20060417125817.57c63491.dick@nagual.st> <20060418170612.3ea78256@localhost> <20060418212724.GA17694@lothlorien.nagual.st>

dick hoogendijk <dick@nagual.st> wrote:

> On 18 Apr Fabian Keil wrote:
> > dick hoogendijk <dick@nagual.st> wrote:
> > > After adding the WiFi card this would be:
> > > defaultrouter="82.74.2.1"
> > > hostname="lothlorien.nagual.st"
> > > ifconfig_rl0="inet 82.74.2.186 netmask 255.255.254.0"
> > > ifconfig_rl1="inet 192.168.11.1 netmask 255.255.255.0"
> > > ifconfig_ath0="ssid airport01 media autoselect mode 11g mediaopt \
> > > 	hostap wepmode on wepkey `cat /etc/wepkey` channel 1 up"
> > > cloned_interfaces="bridge0"
> > > ifconfig_bridge0="addm ath0 addm rl1 up"
> >
> > You didn't specify the default wepkey, but the syntax looks
> > OK to me.
>
> > BTW don't bridge your wireless and wired networks if you don't have
> > to. If your only goal is to get internet access for your wireless
> > clients, it's probably safer to just add another NAT zone.
>
> Sounds like wise advice, but how do I go about this? "Just add another
> NAT" sounds simple enough, but how do I do that?

You wrote you had NAT and PF already running. There is no difference
between adding a second NAT zone and creating the first one.

> I guess safer means there will be no access to my wired network (LAN)
> if I add another NAT zone? Help would be much appreciated ;-)

If you don't route between your wireless and wired networks
and just let both of them communicate with the internet,
there will be no access between them.

> One other thing: if I (still) decide (in the future) to clone, would I
> clone the internal Ethernet card or the one attached to my ISP?

As your ISP probably wouldn't accept your local IPs, you would
have to bridge between your two local NICs, otherwise you would
circumvent your NAT setup.

Fabian
--
http://www.fabiankeil.de/
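
One way to write the second NAT zone described in this message, as an added example that is not part of the original e-mail: a pf.conf sketch using the interface names and wired subnet from the quoted rc.conf. It assumes ath0 is not a member of bridge0 and has its own address 192.168.12.1/24; that wireless subnet is an assumption.

```conf
# /etc/pf.conf sketch (added example, not part of the original thread).
# rl0, rl1, ath0 and 192.168.11.0/24 come from the quoted rc.conf.
# Assumption: ath0 is not bridged and has its own address,
# 192.168.12.1/24, so the wireless clients live in 192.168.12.0/24.

ext_if   = "rl0"                # ISP side
lan_if   = "rl1"                # wired LAN
wlan_if  = "ath0"               # wireless access point
lan_net  = "192.168.11.0/24"
wlan_net = "192.168.12.0/24"    # assumed subnet

set skip on lo0

# One NAT rule per internal zone; both share the external address.
nat on $ext_if from $lan_net  to any -> ($ext_if)
nat on $ext_if from $wlan_net to any -> ($ext_if)

# Default deny, then explicitly refuse forwarding between the zones.
block log all
block in quick on $wlan_if from any to $lan_net
block in quick on $lan_if  from any to $wlan_net

# Each zone may reach the internet, and only with its own source addresses.
pass in  on $lan_if  from $lan_net  to any keep state
pass in  on $wlan_if from $wlan_net to any keep state
pass out on $ext_if  all keep state
```

The two `block in quick` rules are what keep a wireless client away from the wired LAN even though the gateway forwards packets for both zones.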
