From owner-freebsd-questions  Fri Aug 31  1:55:50 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from serv1.is1.u-net.net (serv1.is1.u-net.net [195.102.240.129])
	by hub.freebsd.org (Postfix) with ESMTP id 653AF37B405
	for <freebsd-questions@freebsd.org>; Fri, 31 Aug 2001 01:55:45 -0700 (PDT)
	(envelope-from d.fairs@psychmed.co.uk)
Received: from [213.2.28.66] (helo=DAN)
	by serv1.is1.u-net.net with smtp (Exim 3.12 #1)
	id 15cjei-0005ys-00
	for freebsd-questions@freebsd.org; Fri, 31 Aug 2001 09:28:00 +0100
From: "Daniel Fairs" <d.fairs@psychmed.co.uk>
To: <freebsd-questions@freebsd.org>
Subject: ARP
Date: Fri, 31 Aug 2001 09:26:33 +0100
Message-ID: <FBEGIPGMEMLKMAGBBKCKOEMECBAA.d.fairs@psychmed.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hi,

I'm having a problem setting up a FreeBSD-based firewall. The machine has
three network interfaces:

xl0: Internal interface (192.168.0.1)
xl1: DMZ Interface (d.m.z.ip)
xl2: External Interface (public IP)


Currently, xl1 is not connected, I'm not worrying about it for now.

I've got this machine connected to our ADSL router on xl2, and I can
successfully ping and make connections to the outside world from the
firewall machine. xl0 runs to a hub, and I have another, Linux-based, test
machine on that hub, address 192.168.0.2. Now, from the firewall, I can ping
192.168.0.2. However, from the Linux box, I cannot ping 192.168.0.1, even
when the firewall is disabled with sysctl (just to make sure packets are
getting through!). When I do a tcpdump on the Linux box while running ping,
I see arp request for who has 192.168.0.2 going out - but the firewall is
not responding to them. Do I have to enable arp on xl0? How do I do that? Or
am I missing something else?

TIA,
Dan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message