From owner-freebsd-questions  Wed Jan 21 15:40:51 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA11446
          for questions-outgoing; Wed, 21 Jan 1998 15:40:51 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA11351
          for <freebsd-questions@FreeBSD.ORG>; Wed, 21 Jan 1998 15:40:32 -0800 (PST)
          (envelope-from dwhite@gdi.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by gdi.uoregon.edu (8.8.7/8.8.8) with SMTP id PAA05349;
          Wed, 21 Jan 1998 15:40:27 -0800 (PST)
          (envelope-from dwhite@gdi.uoregon.edu)
Date: Wed, 21 Jan 1998 15:40:27 -0800 (PST)
From: Doug White <dwhite@gdi.uoregon.edu>
Reply-To: Doug White <dwhite@resnet.uoregon.edu>
To: s-mathew/Yokogawa_Blue_Star_Ltd/IN@yokogawa.soft.net
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Dual homed host
In-Reply-To: <E5256591.00225B7F.00@yokogawa.soft.net>
Message-ID: <Pine.BSF.3.96.980121153912.5192S-100000@gdi.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk

On Mon, 19 Jan 1998 s-mathew/Yokogawa_Blue_Star_Ltd/IN@yokogawa.soft.net wrote:

> I've installed FreeBSD 2.2.5 on my Compaq Deskpro by anonymous FTP using an
> NE2000 card. I want to set up a firewall using a dual homed host. My second
> card is a DEC 21041 (Tulip).
> Since the kernel seems to support both cards, I just modified rc.conf to
> get the second card up as follows:
> #network_interfaces="ed0 lo0" # List of network interfaces (lo0 is
> loopback).
> network_interfaces="de0 ed0 lo0"   # List of network interfaces (lo0 is
> loopback).
> ifconfig_de0="inet 172.30.1.83 netmask 255.255.0.0"
> ifconfig_ed0="inet 164.164.153.7  netmask 255.255.0.0"
> ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
> 
> 164.164.*.* is a network connected to the internet and 172.30.*.* is a
> private network.
> 
> Both cards now work, but if I ping 164.164.153.7 from another machine on
> the 172.30 .*.* network, it replies ! (The other machine is a Windows NT
> workstation with the TCP/IP gateway set to 172.30.1.83) This should not
> happen since IP forwarding is supposed to be off  by default. I verified
> that IP forwarding is off by using the sysctl utility - the value of
> net.inet.ip.forwarding is 0.
> What do I do to prevent this happening ?

Can you ping hosts on the general Internet?

> I'm attaching the following :
> 1) The output of dmesg (See attached file: dmesg)
> 2) The output of ifconfig -a -u (See attached file: ifconfig)
> 3) The output of netstat -r (See attached file: netstat)
> 4) rc.conf (See attached file: rc.conf)

Please don't uuencode, since I don't uudecode these on fears of trojans.
MIME attachments are okay, or just put into the text of the message.

Doug White                              | University of Oregon  
Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite    | Computer Science Major