From owner-freebsd-questions@FreeBSD.ORG Thu Apr 20 15:59:39 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA53716A401 for ; Thu, 20 Apr 2006 15:59:39 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay01.ispgateway.de (smtprelay01.ispgateway.de [80.67.18.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id D44B343D45 for ; Thu, 20 Apr 2006 15:59:38 +0000 (GMT) (envelope-from freebsd-listen@fabiankeil.de) Received: (qmail 24579 invoked from network); 20 Apr 2006 15:59:36 -0000 Received: from unknown (HELO localhost) ([pbs]775067@[217.50.151.5]) (envelope-sender ) by smtprelay01.ispgateway.de (qmail-ldap-1.03) with SMTP for ; 20 Apr 2006 15:59:36 -0000 Date: Thu, 20 Apr 2006 17:59:33 +0200 From: Fabian Keil To: dick hoogendijk Message-ID: <20060420175933.7168a7f0@localhost> In-Reply-To: <20060418212724.GA17694@lothlorien.nagual.st> References: <20060417125817.57c63491.dick@nagual.st> <20060418170612.3ea78256@localhost> <20060418212724.GA17694@lothlorien.nagual.st> X-Mailer: Sylpheed-Claws 2.0.0 (GTK+ 2.8.6; i386-portbld-freebsd6.0) X-PGP-KEY-URL: http://www.fabiankeil.de/gpg-keys/freebsd-listen-2006-08-19.asc Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_Qx6lUHxO.qkHg=aTaJ45LYN"; protocol="application/pgp-signature"; micalg=PGP-SHA1 Cc: freebsd-questions Subject: Re: wrired-wireless if_bridge question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Apr 2006 15:59:39 -0000 --Sig_Qx6lUHxO.qkHg=aTaJ45LYN Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable dick hoogendijk wrote: > On 18 Apr Fabian Keil wrote: > > dick hoogendijk wrote: > > > After adding the WiFi card this whould be: > > > defaultrouter=3D"82.74.2.1" > > > hostname=3D"lothlorien.nagual.st" > > > ifconfig_rl0=3D"inet 82.74.2.186 netmask 255.255.254.0" > > > ifconfig_rl1=3D"inet 192.168.11.1 netmask 255.255.255.0" > > > ifconfig_ath0=3D"ssid airport01 media autoselect mode 11g mediaopt \ > > > hostap wepmode on wepkey `cat /etc/wepkey` channel 1 up" > > > cloned_interfaces=3D"bridge0" > > > ifconfig_bridge0=3D"addm ath0 addm rl1 up" > >=20 > > You didn't specify the default wepkey, but the syntax looks > > OK to me. >=20 > > BTW don't bridge your wireless and wired networks if you don't have > > to. If your only goal is to get internet access for your wireless > > clients, it's probably safer to just add another NAT zone. >=20 > Sounds like wise advice, but how do I go about this? "Just add another > NAT", sound simple enough, but how do I do that? You wrote you had NAT and PF already running. There is no difference between adding a second NAT zone and creating the first one. > I guess safer means there will be no access to my wired network (LAN) > if I add another NAT zone? Help would be much appreciated ;-) If you don't route between your wireless and wired networks and just let both of them communicate with the internet, there will be no access between them. =20 > One other thing: if I (still) decide (in the future) to clone, would I > clone the internal Ethernet card or the one attached to my ISP? As your ISP probably wouldn't accept your local IPs, you would have to bridge between your two local NICs, otherwise you would circumvent your NAT setup. Fabian --=20 http://www.fabiankeil.de/ --Sig_Qx6lUHxO.qkHg=aTaJ45LYN Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFER6/ljV8GA4rMKUQRAkZdAJoCRom6nypOa5MZOeRNfioX3FcPpwCfUFCQ MFKxoxTAK5gIDxjzhOwF+4s= =1o0A -----END PGP SIGNATURE----- --Sig_Qx6lUHxO.qkHg=aTaJ45LYN--