Date: Thu, 03 Aug 2000 09:10:06 +0200 (SAST) From: Reinier Bezuidenhout <rbezuide@oskar.dev.nanoteq.co.za> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: freebsd-hackers@FreeBSD.ORG, ports@FreeBSD.ORG Subject: RE: vmware changes result in nasty bridging mess Message-ID: <XFMail.000803091006.rbezuide@oskar.dev.nanoteq.co.za> In-Reply-To: <Pine.NEB.3.96L.1000802193745.97709C-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm using vmware2 in a different way ... I do not have bridging enabled in the kernel. I'm using the host method although I do not have a "legal" subnet on the other side. I've ment to contact the port maintainer so he can add this to the Hints.FreeBSD file. I've configured 10.1.1.1 for the vmnet device, and 10.1.1.2 in windows. I use ipfw and natd to translate the info ... this works like a charm. I'm using the latest port of vmware and I don't see those messages, probably because I do not have BRIDGING enabled in the kernel. For thos interested .. here is the natd and ipfw rules. natd -u -a <my_legal_ip> ipfw a 3 divert natd all from 10.1.1.2 to any out via vr0 ipfw a 4 divert natd all from any to <my_legal_ip> in via vr0 I'm even accessing the NT servers :), browsing bla bla bla :) Regards Reinier On 02-Aug-00 Robert Watson wrote: > > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > bridge_in-- reading table > ... > > The vmware2 port now seems to enable bridging by default, and generate a > kernel message for every ethernet packet sent. Bridging on by default may > have nasty side effects for multi-interface machines (especially security > side effects). I haven't read the code (I admit) but I finding the > current behavior both (a) irritating (messages) and (b) worrying > (unpredicted bridging with potential side effects). > > Robert N M Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > TIS Labs at Network Associates, Safeport Network Services > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message ################################################################### # # # R.N. Bezuidenhout NetSeq Firewall # # rbezuide@oskar.nanoteq.co.za http://www.nanoteq.co.za # # # ################################################################### ---------------------------------- Date: 03-Aug-00 Time: 09:04:34 This message was sent by XFMail ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.000803091006.rbezuide>