Subject: Re: Transparent Firewall w/ NetBSD
To: Jon Lindgren <jlindgren@espus.com>
From: David Wetzel <dave@turbocat.de>
List: netbsd-help
Date: 07/18/2000 12:51:33
> From: Jon Lindgren <jlindgren@espus.com>
> What you'd want is a bridging firewall. AFAIK, as of 1.4.2 NetBSD cannot
> bridge yet (someone _please_ correct me if I'm wrong on that). So while
> IPFilter can do "bridge-style" filtering, NetBSD won't bridge, and you're
> out of luck.
I don't know about 1.4.2, but I use this:
[CISCO] <-10BaseTCrossovercable-> [ NETBSD Tlp1 IPFilter Tlp0] <---> LAN
The Cisco and the Tlp1 network card are on a different net. (2 usable IPs)
It just works.
dave@cat>traceroute www.netbsd.org
traceroute to nbwww.isc.org (204.152.186.171), 30 hops max, 40 byte packets
1 alice (212.41.163.199) 2 ms * 1 ms
2 cisco.turbocat.de (212.41.163.5) 2 ms 2 ms 3 ms
3 cisco1.bln.aball.net (212.76.159.237) 37 ms 29 ms 27 ms
4 topnet-gw.bln.aball.net (212.76.159.234) 48 ms 30 ms 30 ms
(....)
But I do not know why there is always a '*' in the first line of the traceroute.
---
_ _
_(_)(_)_ David Wetzel, Turbocat's Development,
(_) __ (_) Buchhorster Strasse 23, D-16567 Muehlenbeck/Berlin, FRG,
_/ \_ Fax +49 33056 82835 NeXTmail dave@turbocat.de
(______) http://www.turbocat.de/
DEVELOPMENT * CONSULTING * ADMINISTRATION