From owner-freebsd-hackers  Fri Apr 14  1:14:16 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from server1.huntsvilleal.com (server1.huntsvilleal.com [207.13.224.7])
	by hub.freebsd.org (Postfix) with ESMTP id 0F78637BE5D
	for <hackers@freebsd.org>; Fri, 14 Apr 2000 01:14:14 -0700 (PDT)
	(envelope-from kris@hiwaay.net)
Received: from barricuda.bsd.nws.net (kris.huntsvilleal.com [207.13.224.46])
	by server1.huntsvilleal.com (8.9.3/8.9.3) with ESMTP id DAA28415
	for <hackers@freebsd.org>; Fri, 14 Apr 2000 03:55:30 -0400
Received: from localhost (localhost [127.0.0.1])
	by barricuda.bsd.nws.net (8.9.3/8.9.3) with ESMTP id CAA09025
	for <hackers@freebsd.org>; Fri, 14 Apr 2000 02:14:32 -0500 (CDT)
	(envelope-from kris@hiwaay.net)
Date: Fri, 14 Apr 2000 02:14:32 -0500 (CDT)
From: Kris Kirby <kris@hiwaay.net>
To: hackers@freebsd.org
Subject: Misuse of options BRIDGE?
Message-ID: <Pine.BSF.4.10.10004140203520.6886-100000@barricuda.bsd.nws.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I've got a machine I'm trying to use to break a /24 into a few smaller
groups. I've got it options BRIDGE in the kernel, four ethernet cards
(mx0, pn0, ed0, ed1), and need to figure out the right way to do this:

I've got /24 on one side of the machine. I need a /27 (0-32) to be seen on
both sides (the router is .1, the most of the machines I want to firewall
are on .2-31). I have a NAS running from .33 to .190, and a /26 (192-255)
for another subnet. The NAS and router are on the /24. The auth server,
.6, needs to be able to communicate fairly directly with both the NAS
(.10). I don't want the NAS behind the firewall. If it is, it will be on a
seperate port. I'd tried running all three with a /24 netmask, but I still
don't see packets getting forwarded. I  do have the sysctl set to 1 for
that. (aka gateway_enable="YES").

I'd apprecaite any input from the group.... Apoligize if I seem a little
terse; it's late and I'm not all here....
-----
Kris Kirby, KE4AHR          | TGIFreeBSD... 'Nuff said.
<kris@nospam.hiwaay.net>    |    
-------------------------------------------------------
"God gave them the ability to reproduce...
	... Science gave us the hope they won't." -KBK



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message