Date:      Wed, 15 Jan 1997 11:11:40 -0500
From:      Rohit Dube <rohit@cs.umd.edu>
To:        Garrett Wollman <wollman@lcs.mit.edu>
Cc:        rohit@cs.umd.edu (Rohit Dube), security@FreeBSD.ORG, rohit@cs.umd.edu
Subject:   Re: Firewall and FreeBSD CIDR 
Message-ID:  <199701151611.LAA04783@seine.cs.umd.edu>
In-Reply-To: Your message of "Wed, 15 Jan 1997 10:49:40 EST." <9701151549.AA05177@halloran-eldar.lcs.mit.edu> 

On Wed, 15 Jan 1997 10:49:40 -0500 wollman@lcs.mit.edu writes:
=><<On Wed, 15 Jan 1997 09:22:54 -0500 (EST), rohit@cs.umd.edu (Rohit Dube) said:
=>
=>> [I am not sure if this belongs here, but there is no freebsd-net list..]
=>
=>> Does this mean that FreeBSD doesn't do CIDR correctly? Anybody see this
=>> before?
=>
=>God only knows.  If you provided enough information to actually tell
=>what your configuration was in actuality, then perhaps we could figure
=>out what your problem is.
=>
____

Ok. Here goes -

Routing tables on Firewall (X.Y.Z is a placeholder for my net prefix. I have
addresses 96 thru 128)

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            X.Y.Z.113          UGSc        4       99       vx1
127.0.0.1          127.0.0.1          UH          0        0       lo0
X.Y.Z.96/28        link#1             UC          0        0 
X.Y.Z.97           0:60:97:54:13:66   UHLW        0       10       lo0
X.Y.Z.98           0:0:c0:a7:8a:e4    UHLW        0        2       vx0   1139
X.Y.Z.99           0:0:c0:ac:8a:e4    UHLW        0       20       vx0   1139
X.Y.Z.112/28       link#2             UC          0        0 
X.Y.Z.113          0:0:c:33:28:3a     UHLW        4        6       vx1   1199
X.Y.Z.114          0:60:97:33:da:92   UHLW        0        4       lo0


GATEWAY option ON.
Firewall option OFF.
NOT running 'routed' or 'gated'.

Firewall has interfaces X.Y.Z.114 to external router (vx1) and X.Y.Z.97 to the
internal ethernet hub (vx0).


External Machine (X.Y.Z.113) / Router
	  |
	  |
	  |
Firewall vx1 (X.Y.Z.114)
Firewall vx0 (X.Y.Z.97)
	  |
	  |
	  |
Ethernet Hub (connecting internal machines).



Note that if I replace 10.0.0.2 on vx1 and 10.0.0.1 on the external machine
(instead of X.Y.Z.113) I can get packets across the Firewall, but not in
the configuration shown above.

The Firewall runs FreeBSD 2.2 Beta.

Thanks.

--rohit.


