viour. Does anybody knows the reasons for that and
what chances are that we ever get fully-functional ipfw code
checking _every_ packet on the stack.
Thanks.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PROT
hoices so far:
1. patch libalias
2. patch the kernel (ip_output.c ? ip_fw.c? )
3. use two separate boxes for nating and ipsekking.
so when you are saying:
BAZ> - come in unencrypted and go out encrypted
it is quite a surprise for me.
What is your FreeBSD version? Can you confirm that with the tes
inside
BAZ> network will be natted back.
Yes. This part works great :)
BAZ> The ruleset gets quite tricky then but it works here (HEAD from about
BAZ> 82 days ago according to uptime ;-)
? Do you mean you have the same scenario? And diverting on inside
interface works for you?
--
Bes
processed
by ipfw,
but -reverse will help me for now.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hello freebsd-net,
How can a body do ethernet over ip on FreeBSD? I have heard that
with netgraph you can do that. Has anybody tried this or maybe some
other way? The goal is to connect two L2 networks on remote sites.
Thanks.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR
L2 networks on remote sites.
>>
PM> One can also try with userland tunnel daemon (like vtund), associate
PM> tunnel with tap(4) interfaces and turn on bridging on tap and LAN-side
PM> interfaces.
Thanks Pawel, that look like what I need. Big thanks to all who
answered, too.
bash-2.05b# uname -sr
FreeBSD 4.9-RELEASE
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send
Wednesday, August 04, 2004, 12:08:36 AM, Pawel Malachowski wrote:
PM> On Tue, Aug 03, 2004 at 11:48:57PM +0400, Nickolay A. Kritsky wrote:
>> bash-2.05b# head -c 100 /dev/tap0 |less
PM> Try tcpdump instead.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; m
some outgoing load balance, but still need ipfw to
MR> do some basic packet filtering, cause i have difficulty to set pf rules
MR> default to block if it's apply with load balancing rules.
MR> please enlight me..
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Softw
t; what could be the reason of all these retransmissions? Bad cabling? A
sfui> poor switch?
sfui> Thanks in advance for your help,
sfui> enrico
sfui> P.S.
sfui> If I'm writing to the wrong list, please let me know it
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Sof
ast, what results in random packet drops. Another thing that can help
is, perhaps, `flow-control' feature on the switch. But it is more
complicated, and so, from technical POV is less preferrable.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[E
ffic was on xl0, whicj
r> was not true.
r> ?? Will the OS route traffic comming in on xl0 (with good ips) throug
r> the stacks to xl1 and then on to xl0 for external traffic.
r> ?? Will this act as a switch (mac specific) or a hub (broadcast mode).
--
Best regards,
; Nickolay A. Krits
d on.
kk> please help!!
kk> -
kk> Do you Yahoo!?
kk> Win 1 of 4,000 free domain names from Yahoo! Enter now.
kk> ___
kk> [EMAIL PROTECTED] mailing list
kk> http://lists.freebsd.org/mailm
t to read packets from the
ZSBM> divert port , but no result ...
ZSBM> I think I'm missing something ,
ZSBM> so please enlighten my mind ...
ZSBM> Many Thanks
ZSBM> --
ZSBM> Saber
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mai
" setup and masquerade
AN> (nat) the network behind the FreeBSD host using a single IP provided
AN> by the corporate VPN server.
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PROTECTED]
___
[EMAIL P
ZL> RDR 192.168.1.5480<- -> 160.79.174.98 80[24.215.185.142 1332]
ZL> ___
ZL> [EMAIL PROTECTED] mailing list
ZL> http://lists.freebsd.org/mailman/listinfo/freebsd-net
ZL> To unsubscribe, send any mail to "[E
JA> [EMAIL PROTECTED] mailing list
JA> http://lists.freebsd.org/mailman/listinfo/freebsd-net
JA> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PRO
ill take place. That is what I think is going on. Who is
the current maintainer of bridge code in FreeBSD?
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Software LLC
; mailto:[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
link.ether.bridge_cfg=vlan1,vlan0
abc> sysctl net.link.ether.bridge_ipfw=1
abc> Does anybody think this will allow IPFW to see the packets? or that this
abc> will outright fail?
abc> Thank you everybody,
abc> Andrew
--
Best regards,
; Nickolay A. Kritsky
; SysAdmin STAR Softw
19 matches
Mail list logo