Date: Fri, 31 Aug 2001 09:50:25 +0100 From: "Daniel Fairs" <d.fairs@psychmed.co.uk> To: <freebsd-questions@freebsd.org> Subject: FW: ARP Message-ID: <FBEGIPGMEMLKMAGBBKCKEEMGCBAA.d.fairs@psychmed.co.uk>
next in thread | raw e-mail | index | archive | help
Sorry to reply to my own question. I am a dumb-ass. ipfw add allow all from any to any via xl0 fixed it for the moment. Don't worry, I'll tighten that rule later ;) I now have a nice natd/ipfw firewall (which needs more configuring, but hey). Cheers, Dan > -----Original Message----- > From: Daniel Fairs [mailto:d.fairs@psychmed.co.uk] > Sent: 31 August 2001 09:27 > To: freebsd-questions@freebsd.org > Subject: ARP > > > Hi, > > I'm having a problem setting up a FreeBSD-based firewall. The > machine has three network interfaces: > > xl0: Internal interface (192.168.0.1) > xl1: DMZ Interface (d.m.z.ip) > xl2: External Interface (public IP) > > > Currently, xl1 is not connected, I'm not worrying about it for now. > > I've got this machine connected to our ADSL router on xl2, and I > can successfully ping and make connections to the outside world > from the firewall machine. xl0 runs to a hub, and I have another, > Linux-based, test machine on that hub, address 192.168.0.2. Now, > from the firewall, I can ping 192.168.0.2. However, from the > Linux box, I cannot ping 192.168.0.1, even when the firewall is > disabled with sysctl (just to make sure packets are getting > through!). When I do a tcpdump on the Linux box while running > ping, I see arp request for who has 192.168.0.2 going out - but > the firewall is not responding to them. Do I have to enable arp > on xl0? How do I do that? Or am I missing something else? > > TIA, > Dan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FBEGIPGMEMLKMAGBBKCKEEMGCBAA.d.fairs>