Date: Fri, 11 Aug 2000 16:35:14 -0500 From: Chris Silva <chris.silva@ADMis.com> To: 'Nick Rogness' <nick@rapidnet.com>, TeRrAc <terrac@cloudfactory.org> Cc: FreeBSD IPFW list <freebsd-ipfw@FreeBSD.ORG> Subject: RE: natd + IPFW (I think i have the solution) Message-ID: <7353575D98E0D311834F00508BA0FAC91CECDA@chicago.admis.com>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
If I recall correct, DIVERT is always done on ${oif} = fxp0 for you.
-----Original Message-----
From: Nick Rogness [mailto:nick@rapidnet.com]
Sent: Friday, August 11, 2000 4:13 PM
To: TeRrAc
Cc: FreeBSD IPFW list
Subject: Re: natd + IPFW (I think i have the solution)
On Thu, 10 Aug 2000, TeRrAc wrote:
> Hi there,
>
> In re-reading this mail from Nick I see what my problem might be. My
> outside interface is fxp0, and the inside is fxp1.
> The packet flow goes like this
>
> [DSL Gateway] <---> [fxp0 <--> fxp1] <----> {the internal network}
> I had the IPFW diverting all packets through fxp1, and it appears that I
> need to have them diverted through fxp0 instead. I will not know of course
> until I get home and can try it out.
> In the meantime of course, can anyone cofirm or deny this?
I will confirm that. In your setup divert should be running on
your outside interface..
Nick Rogness
- Drive defensively. Buy a tank.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
[-- Attachment #2 --]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2650.12">
<TITLE>RE: natd + IPFW (I think i have the solution)</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>If I recall correct, DIVERT is always done on ${oif} = fxp0 for you.</FONT>
</P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Nick Rogness [<A HREF="mailto:nick@rapidnet.com">mailto:nick@rapidnet.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Friday, August 11, 2000 4:13 PM</FONT>
<BR><FONT SIZE=2>To: TeRrAc</FONT>
<BR><FONT SIZE=2>Cc: FreeBSD IPFW list</FONT>
<BR><FONT SIZE=2>Subject: Re: natd + IPFW (I think i have the solution)</FONT>
</P>
<BR>
<P><FONT SIZE=2>On Thu, 10 Aug 2000, TeRrAc wrote:</FONT>
</P>
<P><FONT SIZE=2>> Hi there, </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> In re-reading this mail from Nick I see what my problem might be. My</FONT>
<BR><FONT SIZE=2>> outside interface is fxp0, and the inside is fxp1.</FONT>
<BR><FONT SIZE=2>> The packet flow goes like this</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> [DSL Gateway] <---> [fxp0 <--> fxp1] <----> {the internal network}</FONT>
<BR><FONT SIZE=2>> I had the IPFW diverting all packets through fxp1, and it appears that I</FONT>
<BR><FONT SIZE=2>> need to have them diverted through fxp0 instead. I will not know of course</FONT>
<BR><FONT SIZE=2>> until I get home and can try it out. </FONT>
<BR><FONT SIZE=2>> In the meantime of course, can anyone cofirm or deny this?</FONT>
</P>
<BR>
<P> <FONT SIZE=2>I will confirm that. In your setup divert should be running on</FONT>
<BR> <FONT SIZE=2>your outside interface..</FONT>
</P>
<P><FONT SIZE=2>Nick Rogness</FONT>
<BR><FONT SIZE=2>- Drive defensively. Buy a tank.</FONT>
</P>
<BR>
<BR>
<BR>
<P><FONT SIZE=2>To Unsubscribe: send mail to majordomo@FreeBSD.org</FONT>
<BR><FONT SIZE=2>with "unsubscribe freebsd-ipfw" in the body of the message</FONT>
</P>
</BODY>
</HTML>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7353575D98E0D311834F00508BA0FAC91CECDA>