From owner-freebsd-security Tue Mar 28 2:15:14 2000
Message-ID: <200003281716310750.0075B3CA@smtp.mail.yahoo.com>
Date: Tue, 28 Mar 2000 17:16:31 +0700
From: "Benedict H"
To: freebsd-security@freebsd.org
Subject: Gateway problem

Hi,
 

I'm trying to get my FreeBSD 3.3 box up and running as a gateway between
2 local subnets. I have already recompiled the kernel with the IPFIREWALL,
IPFIREWALL_FORWARD, IPFILTER, DUMMYNET, and BRIDGE options.
Currently the firewall rule is allow all from any to any.
 
            subnet1 -- gw -- subnet2
 

Here's what I've got at the console when I type netstat -r:
 
localhost       localhost           UH    0   1   lo0
192.168.1/26    link#3              UC    0   0   ep0
gw              <gw ep0 ether addr> UHLW  0   2   lo0
192.168.1.5     <host1 ether addr>  UHLW  1  1550 ep0  694
192.168.2/26    link#1              UC    0   0   xl0
gw              <gw xl0 ether addr> UHLW  0   136 lo0
192.168.2.63    ff:ff:ff:ff:ff:ff   UHLWb 1   1   xl0
 
But I encountered a problem: when I ping from the gw box to the host1 box,
I always have the responses back to me in about 10 to 40 seconds.
Then on the host1 machine, I type "tcpdump -i ep0" at the console
and I think host1 runs correctly, because it always replies immediately
after it gets the echo request.
 
When I unplugged my xl0 device from the machine, everything went well.

Anyone, please help me fix this problem.
 

Thank you
 

Benedict