Bruce A. Mah on 12/02/2005 8:02 PM wrote:
If memory serves me right, David Pierron wrote:
Ah! I applied those settings to rc.conf and got the following results:
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 xxxx::xxx:xxxx:xxxx:xxxx%fxp0 prefixlen 64 scopeid 0x1
ether xx:xx:xx:xx:xx:xx
media: Ethernet autoselect (none)
status: no carrier
fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 xxxx::xxx:xxxx:xxxx:xxxx%fxp1 prefixlen 64 scopeid 0x2
ether xx:xx:xx:xx:xx:xx
media: Ethernet autoselect (none)
status: no carrier
OK, this looks better. No guarantees but I'm pretty sure it would never
have worked before. Hopefully this will at least get you closer.
Bah! Left my IP address in there, but heck ... Who can't look at email
headers?
can't wait until the wee hours to test this! They do seem to have
IPV6 addresses ... Can I shut that off? Comment out IPV6 in the
kernel? I don't need IPV6 ...
If you really want them gone, then you probably need to comment out IPv6
from your kernel.
Since I don't need it at all, I think good to remove from the kernel so
nothing is an issue ... Saves me on the ruleset typing and it won't
generate those rules needlessly ... While composing I was compiling the
new kernel ... Commenting out IPV6 and removing "inet" from the rule
did the trick ... It no longer produces 2 rules ...
Anyway, I'll report on the ifconfig_inf(x)="up" and see if that is the ticket
...
Looking forward to hearing the good news...
Excuse my French but, OMFG! That was it!
I had seen that as part of the OBSD setup ... but I thought that was the
way OBSD worked or something because these statements were not necessary
for the IPFW BRIDGE setup I have in place now ...
I stuffed those CAT5 puppies into the NICs for about 5 minutes maybe ...
Got 4100 lines of blocks from the two interfaces ... (They were all
"block in" btw) ... Here I thought there wasn't that much traffic at
this time of the AM ... Now will compose a ruleset before I start using
it again ...
Viewing with tcpdump -n -e -ttt -r /var/log/pflog ... WAY more detailed
than the IPFW BRIDGE ... Just seeing the DNS queries to the name
servers ... NEAT! I even see how noisy the Windows machines are ... so
many broadcasts ... I have a colo here, and I see he has DHCP running
... Why? I will ask him later today ...
Thanks ever so much! I popped your name in the HOW-TO I am creating @
http://test.davidpierron.com/fbsd-pf.php
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
