Date: Mon, 10 Mar 2003 17:59:54 -0500 From: "Dave [Hawk-Systems]" <dave@hawk-systems.com> To: "freebsd-questions" <freebsd-questions@freebsd.org> Subject: transparent ipfw Message-ID: <DBEIKNMKGOBGNDHAAKGNOELBJPAB.dave@hawk-systems.com>
next in thread | raw e-mail | index | archive | help
Been browsing for a bit (knowing I will get some rtfm responses from this) but havnt come across a solid answer for this. Most solutions involve NAT or some other non-routable ip block type of solution. Have the following (192.168.100.0/24 used in place of routable addresses) - Internet connection coming into port 1 of Cisco switch(switch address 192.168.100.1). - Other FreeBSD servers(192.168.100.2 - 192.168.100.252) connected to various ports on the switch using the switch as the gateway device. - Other networks(192.168.101.0/24 etc...) connected to the switch which is bridging them over to the internet connection out of port 1. Wish to place a FreeBSD server in front of the switch to count traffic to and from various IP addresses for the entire network. NIC1 on the FreeBSD box would go to the Internet Connection NIC2 on the FreeBSD box would go to the switch. All addresses used are routable(3 /24 blocks will be coming down to NIC1), and all addresses/packets should be passed through without any NAT or other readdressing taking place. Aside from telnetting into the box itself, it doesn't need any IP addresses except for whatever is needed for the above setup. Comments appreciated, this would be my first implementation of ipfw / fw rules in general using a FreeBSD box. Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DBEIKNMKGOBGNDHAAKGNOELBJPAB.dave>