From owner-freebsd-isp  Thu Oct  1 08:09:08 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA02737
          for freebsd-isp-outgoing; Thu, 1 Oct 1998 08:09:08 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from whistle.com (s205m131.whistle.com [207.76.205.131])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA02717
          for <freebsd-isp@FreeBSD.ORG>; Thu, 1 Oct 1998 08:09:04 -0700 (PDT)
          (envelope-from archie@whistle.com)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id IAA19794; Thu, 1 Oct 1998 08:08:48 -0700 (PDT)
Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3)
	id sma019782; Thu Oct  1 08:08:43 1998
Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id IAA00256; Thu, 1 Oct 1998 08:08:43 -0700 (PDT)
From: Archie Cobbs <archie@whistle.com>
Message-Id: <199810011508.IAA00256@bubba.whistle.com>
Subject: Re: IPFW, Dual network cards
In-Reply-To: <3.0.3.32.19980930223953.007890e4@207.227.119.2> from "Jeffrey J. Mountin" at "Sep 30, 98 10:39:53 pm"
To: jeff-ml@mountin.net (Jeffrey J. Mountin)
Date: Thu, 1 Oct 1998 08:08:43 -0700 (PDT)
Cc: freebsd-isp@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Jeffrey J. Mountin writes:
> >> 1) Will FreeBSD (3.0-19980804-SNAP) allow us to physically separate
> >> the network by placing 2 network cards in the machine and connecting
> >> one to each of our switches? Do I need anything such as routed to be
> >> running?
> >
> >Are you talking about bridging or routing? If the former, yes but
> >with some work (ie, kernel patches). If the latter, just edit rc.conf
> >to enable IP forwarding and set up your routes. You don't need routed.
> 
> Could you clarify what you mean by "IP forwarding" in rc.conf,
  which is a bit unclear.  Don't gateway_enable=YES and natd (et all)
  handle this?

Enabling forwarding in rc.conf == setting "gateway_enable=YES" in rc.conf.
"IP forwarding" == "IP routing".

> >> 2) If so, can this network setup route other protocols - i.e Windows
> >> NetBEUI traffic or IPX setup? (I'm really looking for a 'no' answer
> >> here - if yes can it be stopped?)
> >
> >FreeBSD doesn't do that stuff.. it has some vestigial code in the
> >kernel but nobody uses it and it's disabled by default.
> 
> But doesn't stop NetBEUI over TCP/IP, does it?  This aspect,
  among others, is rather annoying in dealing with Windoze, as I
  pointed out privately.

No, routers don't typically look into the packets that they route.
Use ipfw to block ports 137,138,139 if you want to stop NetBEUI stuff.

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message