Date: Sun, 13 Feb 2000 16:34:42 -0500 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: Steve Hovey <shovey@buffnet.net> Cc: Matthew Jonkman <jonkman@bussert.com>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: Routed and public IPs Message-ID: <20000213163442.F31722@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <Pine.BSF.4.05.10002130844170.28527-100000@buffnet11.buffnet.net>; from shovey@buffnet.net on Sun, Feb 13, 2000 at 08:46:14AM -0500 References: <045f01bf75e3$32b03d20$030a0a0a@jonkmangarage.com> <Pine.BSF.4.05.10002130844170.28527-100000@buffnet11.buffnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 13, 2000 at 08:46:14AM -0500, Steve Hovey wrote: > > I believe routed just handles rip - if these public addresses need global > routing you need something that does bgp - To passwd packets to just > certain addresses and no others, you do a permit rule for the ones to > pass, deny for all others. > > Is freebsd your router? Or a machine inside from your router, acting as a > router to a subset of machines? > > On Sun, 13 Feb 2000, Matthew Jonkman wrote: > > > I have myself very confused here. > > I am running a firewall but there is a need to have public IPs behind the > > firewall that are accessible from the outside. By my feeble figuring if I > > run routed -s it will build a table and should make them visible. Am I right > > there? > > > > Is it possible to firewall public addresses behind a bsd machine? > > > > Is NAT interfering with route? If your addresses behind the firewall are static, there should be no need to run a routing daemon (like routed(8)). If you told us a bit more about your configuration, we could help. But as an example, if you have unregistered numbers, 192.168.0.0/24, and registered numbers, a.b.c.0/24, on your internal network, all you need to do is, ifconfig_if0="w.x.y.z" # External interface ifconfig_if1="a.b.c.254 netmask 0xffffff00" # Internal interface ifconfig_if1_alias0="192.168.0.254" # Internal interface natd_enable="YES" natd_flags="-u -n if0" And I think it should work fine. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000213163442.F31722>