From: Leung Ian
To: freebsd-questions@freebsd.org
Subject: Question about Free BSD routing
Message-ID: <1002887417.3bc6d8f9570d5.21262.h9923061@147.8.2.91>
Date: Fri, 12 Oct 2001 19:50:17 +0800 (HKT)

I want to use FreeBSD to implement the snoop protocol (to improve TCP performance in a wireless LAN). My network is like this:

A network card, "Card A", in the server (Windows 2000) connects to a network card, "Card B", in the base station (FreeBSD). Another network card, "Card C", connects to a network card, "Card D", in the AP1000. A WaveLAN card, "Card E", in the AP1000 is used to connect the wireless host, which is also using a WaveLAN card, "Card F". All the IP addresses of these are assigned by me. I want to make the FreeBSD machine a firewall gateway.

I have added the following lines to the kernel config file:

--begin--
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE_LIMIT = 200
options IPDIVERT
options DUMMYNET
options BRIDGE
--end--

After recompiling the kernel I added the following lines to rc.conf:

--begin--
#enable gateway
#can do it using sysctl -w net.ip.forwarding=1
gateway_enable=YES
#Add to use ipfw
#firewall type is open
firewall_enable="YES"
firewall_type="open"
firewall_quite="NO"
sysctl -w net.link.ether.bridge=1
arp -S banpc8 0:20:af:3d:c0:81 pub
--end--

banpc8 is the machine inside the intranet and 0:20:... is its Ethernet address (not IP).

Then I executed the ipfw commands as root:

*ipfw flush
*ipfw add pipe 1 ip from 137.189.97.184 to any

After all these procedures, I can ping from "Card A" in the server to "Card B" in the base station (FreeBSD), but not "Card C". I can ping from "Card F" in the wireless host to "Card E" in the AP1000, then to "Card D" in the AP1000, then to "Card C" in the base station (FreeBSD), but not "Card B". Packets cannot route from "Card B" to "Card C". What can I do in order to route packets from "Card B" to "Card C" or vice versa?

Thank you for your help.