From owner-freebsd-hackers Wed Feb 23 3:13:35 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184]) by hub.freebsd.org (Postfix) with ESMTP id 38A9D37B7AE for ; Wed, 23 Feb 2000 03:13:28 -0800 (PST) (envelope-from luigi@info.iet.unipi.it) Received: (from luigi@localhost) by info.iet.unipi.it (8.9.3/8.9.3) id MAA02193; Wed, 23 Feb 2000 12:07:53 +0100 (CET) (envelope-from luigi) From: Luigi Rizzo Message-Id: <200002231107.MAA02193@info.iet.unipi.it> Subject: Re: FreeBSD as high speed router In-Reply-To: <20000223115722.A23927@gil.physik.rwth-aachen.de> from Christoph Kukulies at "Feb 23, 2000 11:57:22 am" To: Christoph Kukulies Date: Wed, 23 Feb 2000 12:07:53 +0100 (CET) Cc: Martin Cracauer , hackers@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > I have a Firewall with quite some filtering that has a throughput of > > about 7MB/sec. It is a P-90 in a HX board with 32 MB and two fxp > > Interesting. > > > The thing is bootet from floppy and is a pure filtering router, no > > NAT, no applications/server, no proxies (which is suicide on a > > firewall anyway). > > Would be interesting to tell how you managed to produce a bootable floppy > with the subsequent scripting that starts the OS and all that. you can probably look at the scripts used in picobsd (in the source tree) and you will also find in the images at http://www.iet.unipi.it/~luigi/ip_dummynet/ http://www.iet.unipi.it/~luigi/pgm.html (probably second one is more featureful). The idea is that the rc.network scripts try to match the MAC address of the first card found with a database of ethernet cards in /etc/hosts, getting a hostname and then assigning a machine identity, and from there rc.conf.local and rc.firewall have a switch() to decide what to do and all the rest. cheers luigi -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) Mobile +39-347-0373137 -----------------------------------+------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message