Date: Wed, 15 Jan 1997 11:43:10 PST From: Bill Fenner <fenner@parc.xerox.com> To: Rohit Dube <rohit@cs.umd.edu> Cc: Garrett Wollman <wollman@lcs.mit.edu>, security@freebsd.org Subject: Re: Firewall and FreeBSD CIDR Message-ID: <97Jan15.114314pst.177476@crevenia.parc.xerox.com> In-Reply-To: Your message of "Wed, 15 Jan 1997 08:11:40 PST." <199701151611.LAA04783@seine.cs.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199701151611.LAA04783@seine.cs.umd.edu>you write: >External Machine (X.Y.Z.113) / Router What's this machine's configuration? What's its netmask on this link? If its netmask is /27, then you can't get beyond the firewall because the router doesn't think it's necessary to send the packets *to* the firewall. You can fix this by configuring the router correctly, or by using the ARP_PROXYALL kludge on the firewall (sysctl -w net.link.ether.inet.proxyall=1). Bill
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?97Jan15.114314pst.177476>