Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 03 Sep 2003 14:34:44 -0000
From:      "Micheal Patterson" <micheal@tsgincorporated.com>
To:        <freebsd-questions@freebsd.org>
Subject:   Re: ipfw with four interfaces
Message-ID:  <049a01c37228$7ed34860$4df24243@tsgincorporated.com>
References:  <4438.212.71.64.140.1062415470.squirrel@webmail.sandakeronline.com><046f01c370d1$9eff8ed0$0201a8c0@dredster> <3F55DD87.4010601@sandakerveien.net>

next in thread | previous in thread | raw e-mail | index | archive | help


----- Original Message ----- 
From: "Arvinn Lokkebakken" <arvinn@sandakerveien.net>
To: <freebsd-questions@freebsd.org>
Sent: Wednesday, September 03, 2003 7:24 AM
Subject: Re: ipfw with four interfaces


<snip>

> Haven't been able to try them out yet, but I don't feel allowing  The
> first 300 rule will probably help me having the firewall allowing
> traffic for me, but I wasn't really planning to allow everything in. And
> will deny rules have effect  when the traffic allready is allowed?
>
> Arvinn
>

Disregard my firewall ruleset for the time being. Do you have this system
configured to be a gateway unit? If not, no traffic will pass interface
boundaries.If your interface setup is this:

fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet w.x.y.81 netmask 0xfffffff0 broadcast w.x.y.95
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255
xl2 is the interface that is connected back-to-back with the router.

Also, from the info above, xl2 connects to the router via a crossover cable.
If so, does it pull and IP?  If so, it needs to be something other than the
x.w.y.81, 192.168.0.1 or 172.16.0.1 network.

--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?049a01c37228$7ed34860$4df24243>