From owner-freebsd-hackers  Wed Aug 27 22:07:57 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id WAA08187
          for hackers-outgoing; Wed, 27 Aug 1997 22:07:57 -0700 (PDT)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.8.15.25])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id WAA08165
          for <freebsd-hackers@freebsd.org>; Wed, 27 Aug 1997 22:07:50 -0700 (PDT)
Received: (from danny@localhost)
	by panda.hilink.com.au (8.8.5/8.8.5) id PAA06596;
	Thu, 28 Aug 1997 15:06:56 +1000 (EST)
Date: Thu, 28 Aug 1997 15:06:56 +1000 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Tim Baur <tbaur@esgroup.net>
cc: freebsd-hackers@freebsd.org
Subject: Re: ipfw configuration. 
In-Reply-To: <Pine.BSI.3.96.970827214227.22270A-100000@oblivion.esgroup.net>
Message-ID: <Pine.BSF.3.91.970828150330.243F-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 27 Aug 1997, Tim Baur wrote:

> On Thu, 28 Aug 1997, Daniel O'Callaghan wrote:
> 
> > You only seem to be allowing traffic to and from fw-kam, and not through 
> > it.  Maybe that's what you intended.  ed1 and ed0 should work the same, 
> > just make sure you get the irq right - not conflicting with another device.
> 
> Well not exactally, and this is where I believe I may have made a mistake.
> I want to allow traffic thro fw-kam. Incoming packets via ed1, which would
> be passwd thro the filter, then either denyed or allowed. If allowed be
> forwarded out ed0, to the second hub and then hit the machine it was
> intending to hit. 
> 
> So therefor, I have misconfigured the rc.firewall. But I am at a loss, as
> I dont know how it should be changed. Also, being that I still want to use
> real IP addys for ed0 and the machines behind it.. Im unsure as how to
> setup ed0, would it be: ed1 207.194.190.5 (which is fw-kam.esgroup) and 
> have ed0 with the IP of 207.194.190.6 or something? :shrug:

Ah.  I think you need to read up about subnetting.  What sort of IP 
address allocation do you have?  What IP addresses have you assigned to 
devices?  How many devices do you have?

How do you connect to the Internet?  What is the ethernet interface IP 
address of your router?

Danny