From owner-freebsd-questions  Sat Mar  4 21: 3:40 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207])
	by hub.freebsd.org (Postfix) with ESMTP id A334537B911
	for <questions@FreeBSD.ORG>; Sat,  4 Mar 2000 21:03:36 -0800 (PST)
	(envelope-from cjc@cc942873-a.ewndsr1.nj.home.com)
Received: (from cjc@localhost)
	by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id AAA51617;
	Sun, 5 Mar 2000 00:08:35 -0500 (EST)
	(envelope-from cjc)
Date: Sun, 5 Mar 2000 00:08:35 -0500
From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
To: Systems Administrator <geniusj@ods.org>
Cc: questions@FreeBSD.ORG
Subject: Re: Routing between 2 interface..
Message-ID: <20000305000835.B49899@cc942873-a.ewndsr1.nj.home.com>
Reply-To: cjclark@home.com
References: <Pine.BSF.4.10.10003042241070.52500-100000@ods.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.BSF.4.10.10003042241070.52500-100000@ods.org>; from geniusj@ods.org on Sat, Mar 04, 2000 at 10:46:29PM -0500
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, Mar 04, 2000 at 10:46:29PM -0500, Systems Administrator wrote:
> 
> I'm trying to setup a "dropin firewall" .. Such that when a packet reaches
> our network, it goes through the main router (the cisco) and then passes
> through the firewall (the freebsd box) and then hits the rest of the lan..
> I'm trying to do this in this way..
> 
> 63.236.135.1(Main Router) -> 63.236.135.232(Firewall NIC 1) ->
> 63.236.135.233 (Firewall NIC 2 -- Same Machine) -> rest of lan
> 
> If that makes any sense :).. If you could help me with this.. I am very
> lost right now ;).. If you need more details, etc.. Feel free to contact
> me..

From the very brief description you gave, it sounds like you might
want to use bridging (see bridge(4)). The sketch you gave would not
route well be cause you are not subnetted properly. You can either
bridge (and that would _really_ make it "drop in") or you could use a
RFC 1918 net between the router and firewall.
-- 
Crist J. Clark                           cjclark@home.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message