I realized this after posting I should have included info restarting
rules and Joeseph has hit on it here, I now use
/usr/src/share/examples/ipfw/change_rules.sh that is with the standard
install for any firewall changes. It saves old rulesets, allows you to
view (syntax), then confirm rule change
Hello,
On Fri, 20 Jun 2003, 11:39-0300, Han Hwei Woo wrote:
> Here's the network I'm trying to setup
>
> 192.168.0.3192.168.0.1192.168.0.2
> OpenBSD | vlan0><--- vlan0 | FreeBSD | em0 ---><--- em0 | Windows 2000
>
> with net.link.ether.bridge_cfg: v
From: 'Luigi Rizzo' [mailto:[EMAIL PROTECTED]
> On Fri, Jun 20, 2003 at 02:18:17PM -0400, Don Bowman wrote:
> ...
> > Thanks very much, I will check this. I assume this will be true
> > for IPFW2 rather than IPFW.
>
> one_pass actually affect both.
> the comment in parentheses refers to "layer 2 f
On Fri, Jun 20, 2003 at 02:18:17PM -0400, Don Bowman wrote:
...
> Thanks very much, I will check this. I assume this will be true
> for IPFW2 rather than IPFW.
one_pass actually affect both.
the comment in parentheses refers to "layer 2 firewalling
which is an ipfw2-only fature (bridge firewalling
From: Luigi Rizzo [mailto:[EMAIL PROTECTED]
>
> On Fri, Jun 20, 2003 at 01:41:21PM -0400, Don Bowman wrote:
> > is there any way, in a bridging config, to have nested pipes?
>
> net.inet.ip.fw.one_pass=0 should do the job, i think the comment
> in the manpage is now incorrect and the code (in net
On Fri, Jun 20, 2003 at 01:41:21PM -0400, Don Bowman wrote:
> is there any way, in a bridging config, to have nested pipes?
net.inet.ip.fw.one_pass=0 should do the job, i think the comment
in the manpage is now incorrect and the code (in net/bridge.c)
has been fixed (one-line) to implement this.
is there any way, in a bridging config, to have nested pipes?
In particular, what i would like to achieve is a rule that
allows e.g. 64kbps per host (src-mask 0x), but
that all these hosts are in an overall 10Mbps pipe. The idea
will be that @ some times of the day the pipe is less than
fu
- Original Message -
From: "rmkml" <[EMAIL PROTECTED]>
To: "Han Hwei Woo" <[EMAIL PROTECTED]>
Sent: Friday, June 20, 2003 1:29 PM
Subject: Re: VLAN/Bridge No response from trunk Interface
> Hi,
>
> sorry I not your help,
>
> but I have question :
>
> A) why trunk on subject ?
> trunk= t
Hi,
FYI: You can play with this in conjunction with KAME dhcp6 with
following patch is applied:
http://www.imasy.or.jp/~ume/ipv6/dhcp6-ppp-20030620.diff.gz
I'm using FreeRADIUS from ports for testing.
Sincerely,
--- Begin Message ---
ume 2003/06/20 09:15:59 PDT
FreeBS
Here's the network I'm trying to setup
192.168.0.3192.168.0.1192.168.0.2
OpenBSD | vlan0><--- vlan0 | FreeBSD | em0 ---><--- em0 | Windows 2000
with net.link.ether.bridge_cfg: vlan0,em0
If I try to ping the FreeBSD machine from OpenBSD, arp request
Hello.
I have problems setting up a point-to-point link on an ethernet interface.
The computers on the link have IP:s 130.236.214.201 and 130.236.236.148,
130.236.214.201 being a FreeBSD box running 5.1.
In the ifconfig man page I saw the dest_address option for point-to-point
links. However, thi
I had a pb with my config and now with your help... it is resolved by, now I am
in front of a new problem:
The situation is described below:
- 10.0.0.0/24 - - 192.168.1.0/24
-
ed1/tun0 ep0
So...
All outcoming packets are 'nated' by the firewall, which
There are probably a couple of things you will need to do for everything to
... just work.
I agree with Julian Elischer, you should run ipfw with a basic firewall rule
set, because you will need natd running. However, this will have it's own
set of problems.
First, if you use ipfw, you will need
I find that the sockets are slow to free up if you don't explicitly close
them, but they do free up after a while.
Han Hwei Woo
- Original Message -
From: "Mike Silbersack" <[EMAIL PROTECTED]>
To: "Scot Loach" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, June 20, 2003 5:06 A
Yes, I'm running some custom patches, that must be it. Thanks for trying to
reproduce it anyway, at least now I have an idea where to look.
scot.
-Original Message-
From: Mike Silbersack [mailto:[EMAIL PROTECTED]
Sent: Friday, June 20, 2003 4:07 AM
To: Scot Loach
Cc: '[EMAIL PROTECTED]'
15 matches
Mail list logo
