From owner-freebsd-questions@FreeBSD.ORG Wed Sep 3 07:34:44 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0779616A4C1 for ; Wed, 3 Sep 2003 07:34:44 -0700 (PDT) Received: from mail.cancercare.net (mail.tsgincorporated.com [67.66.242.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9041F43FE5 for ; Wed, 3 Sep 2003 07:34:39 -0700 (PDT) (envelope-from micheal@tsgincorporated.com) Received: (from root@localhost) by mail.cancercare.net (8.12.8/8.12.4) id h83EYcPn012509 for freebsd-questions@freebsd.org; Wed, 3 Sep 2003 09:34:38 -0500 (CDT) (envelope-from micheal@tsgincorporated.com) Received: from MICHEAL ([67.66.242.77]) by mail.cancercare.net (8.12.8/8.12.4) with SMTP id h83EYYDJ012497 for ; Wed, 3 Sep 2003 09:34:34 -0500 (CDT) (envelope-from micheal@tsgincorporated.com) Message-ID: <049a01c37228$7ed34860$4df24243@tsgincorporated.com> From: "Micheal Patterson" To: References: <4438.212.71.64.140.1062415470.squirrel@webmail.sandakeronline.com><046f01c370d1$9eff8ed0$0201a8c0@dredster> <3F55DD87.4010601@sandakerveien.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Virus-Scanned: by AMaViS 0.3.12 Subject: Re: ipfw with four interfaces X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Wed, 03 Sep 2003 14:34:44 -0000 X-Original-Date: Wed, 3 Sep 2003 09:34:32 -0500 X-List-Received-Date: Wed, 03 Sep 2003 14:34:44 -0000 ----- Original Message ----- From: "Arvinn Lokkebakken" To: Sent: Wednesday, September 03, 2003 7:24 AM Subject: Re: ipfw with four interfaces > Haven't been able to try them out yet, but I don't feel allowing The > first 300 rule will probably help me having the firewall allowing > traffic for me, but I wasn't really planning to allow everything in. And > will deny rules have effect when the traffic allready is allowed? > > Arvinn > Disregard my firewall ruleset for the time being. Do you have this system configured to be a gateway unit? If not, no traffic will pass interface boundaries.If your interface setup is this: fxp0: flags=8843 mtu 1500 inet w.x.y.81 netmask 0xfffffff0 broadcast w.x.y.95 xl0: flags=8843 mtu 1500 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 xl1: flags=8843 mtu 1500 inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255 xl2 is the interface that is connected back-to-back with the router. Also, from the info above, xl2 connects to the router via a crossover cable. If so, does it pull and IP? If so, it needs to be something other than the x.w.y.81, 192.168.0.1 or 172.16.0.1 network. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.