Date: Thu, 27 Jul 2006 00:15:44 -0300 (ADT) From: Tony Abou-Assaleh <taa@acm.org> To: "elaconta.com Webmaster" <webmaster@elaconta.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: FreeBSD Gateway to replace old Linux gateway Message-ID: <Pine.GSO.4.58.0607262355010.5824@flame.cs.dal.ca> In-Reply-To: <44C7F4BE.2080805@elaconta.com> References: <44C7C55E.3090907@elaconta.com> <Pine.GSO.4.58.0607261911170.5824@flame.cs.dal.ca> <44C7F4BE.2080805@elaconta.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Jul 2006, elaconta.com Webmaster wrote: > The routing table on the Linux box, as shown per the "route" command: > > [root@visao root]# route > Tabela de Roteamento IP do Kernel > Destino Roteador M=E1scaraGen. Op=E7=F5es M=E9= trica > Ref Uso Iface > 192.168.1.0 * 255.255.255.0 U 0 > 0 0 eth1 > 192.168.1.0 * 255.255.255.0 U 0 > 0 0 eth1 > 127.0.0.0 * 255.0.0.0 U 0 > 0 0 lo > default 192.168.1.120 0.0.0.0 UG 0 > 0 0 eth0 > > Hum, some things in this table are in portuguese... Basically "Tabela de > Roteamento IP do Kernel" means Kernel IP Routing Table, "Destino" means > Destiny, "Roteador" means Router, "M=E1scara" means Mask. > Now the thing that strikes me in this Linux routing table are the > asterisks (*).Are they normal, or some kind of Linux black magic? > Is there a way to reproduce this routing table on FreeBSD? What do the > asteriks mean? In English, the headings are: Destination Gateway Genmask Flags Metric Ref Use Iface Gateway is more appropriately described as 'next hop'. In your case, that would be the IP of your router for all outgoing external traffic. Since the internal traffic is connected directly (likely through an Ethernet hub), packets going to the LAN should be destined directly to their destination IP. According to your routing table, I believe there is no way to access the web interface of your router (if any) from your LAN, because all 192.168.1.* traffic will be sent on eth1, which is your LAN. You can use the route command manipulate the routing table directly and reproduce the above. I think it can also be done using the firewall, but it's a little trickier there. Check your firewall rules to see if it is set explicitly there. (if it is, then you should see rules that are similar to the entries in the routing table in terms of content). Cheers, TAA ----------------------------------------------------- Tony Abou-Assaleh Email: taa@acm.org Web site: http://taa.eits.ca ----------------------[THE END]----------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.58.0607262355010.5824>