Date: Thu, 01 Oct 1998 12:50:55 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Archie Cobbs <archie@whistle.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: IPFW, Dual network cards Message-ID: <3.0.3.32.19981001125055.010c99c8@207.227.119.2> In-Reply-To: <199810011508.IAA00256@bubba.whistle.com> References: <3.0.3.32.19980930223953.007890e4@207.227.119.2>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:08 AM 10/1/98 -0700, Archie Cobbs wrote: >Enabling forwarding in rc.conf == setting "gateway_enable=YES" in rc.conf. >"IP forwarding" == "IP routing". Gotcha, but isn't natd required if you use private IPs? I'd test it, but my system is still TKO. >No, routers don't typically look into the packets that they route. >Use ipfw to block ports 137,138,139 if you want to stop NetBEUI stuff. Ah yes, blocked at the router and from dial-in with filters, so there was no need for running ipfw in my case. If a network were setup with 2 ether ports on the router (Cisco or FBSD) then _every_ machine doesn't need it. The problem I see with the colo's is protecting them from each other, after you protect yourself. Steven's setup can do this. My preferance is to use a second ether port on the router. Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19981001125055.010c99c8>