From: "Dave [Hawk-Systems]"
To: "freebsd-questions"
Subject: transparent ipfw
Date: Mon, 10 Mar 2003 17:59:54 -0500

Been browsing for a bit (knowing I will get some RTFM responses from this) but haven't come across a solid answer for this. Most solutions involve NAT or some other non-routable IP block type of solution.

Have the following (192.168.100.0/24 used in place of routable addresses):

- Internet connection coming into port 1 of Cisco switch (switch address 192.168.100.1).
- Other FreeBSD servers (192.168.100.2 - 192.168.100.252) connected to various ports on the switch using the switch as the gateway device.
- Other networks (192.168.101.0/24 etc...) connected to the switch which is bridging them over to the internet connection out of port 1.

Wish to place a FreeBSD server in front of the switch to count traffic to and from various IP addresses for the entire network.

NIC1 on the FreeBSD box would go to the Internet Connection.
NIC2 on the FreeBSD box would go to the switch.

All addresses used are routable (3 /24 blocks will be coming down to NIC1), and all addresses/packets should be passed through without any NAT or other readdressing taking place. Aside from telnetting into the box itself, it doesn't need any IP addresses except for whatever is needed for the above setup.

Comments appreciated, this would be my first implementation of ipfw / fw rules in general using a FreeBSD box.

Dave