Re: ip_output: why IPSEC before IPF/IPFW?

2002-05-03 Thread Luigi Rizzo
On Fri, May 03, 2002 at 10:10:56PM -0700, Julian Elischer wrote: ... > Thanks for bringing this up.. > I'm actually flabbergasted that it's so. I've been assuming it was the > other way around. > The advantage of having it the other way would be to be able to do other > evil > things to ipsec pac

Re: ip_output: why IPSEC before IPF/IPFW?

2002-05-03 Thread Julian Elischer
Thanks for bringing this up.. I'm actually flabbergasted that it's so. I've been assuming it was the other way around. The advantage of having it the other way would be to be able to do other evil things to ipsec packets, but as it is you can totally block all packets and ipsec will still work.

ip_output: why IPSEC before IPF/IPFW?

2002-05-03 Thread Ben Jackson
I have a FreeBSD box connected to my cable modem which NATs for the rest of my home network. Recently I set up IPSEC between that box and a few others as an experiment. Direct connections between these boxes work fine. However, since ip_output checks IPSEC before IPF/IPFW, my ipnat rules for th

Re: network design

2002-05-03 Thread Terry Lambert
Bill Fumerola wrote: > this is about representing within the freebsd network stack ethernet > cards that support multiple (>1) unicast mac addresses through either > multiple perfect filter entries or a multicast filter borrowed to serve > such a purpose. until freebsd has a way of supporting this

Re: misc/37696: Virtual hosts broken

2002-05-03 Thread Baldur Gislason
Problem exists between keyboard and chair. The reason why ifconfig complains is that you're assigning a point-to-point address to an ethernet interface and both addresses have the same point-to-point address. This is how you add ips to an interface: ifconfig xl0 192.168.1.1 netmask 255.255.255.

Re: network design

2002-05-03 Thread Bill Fumerola
[ this is probably more appropriate for -net, -hackers bcc:'d ] On Fri, May 03, 2002 at 08:35:01AM +0100, andrew mejia wrote: > [andrew]$ exactly what i would suggest. a single > NIC can handle multiple assignments pretty easily, > unless you're expecting mega-traffic. but even then > you coul