Re: ipfw/natd/3 nic
From: Barney Wolff (barney_at_databus.com)
Date: 12/23/03
- Previous message: Eric Anderson: "Re: WLAN card experiences wanted"
- In reply to: Peter Serwe: "ipfw/natd/3 nic"
- Next in thread: Darcy Buskermolen: "Re: ipfw/natd/3 nic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 23 Dec 2003 11:23:23 -0500
To: Peter Serwe <peter@easytree.net>
On Tue, Dec 23, 2003 at 08:23:00AM -0500, Peter Serwe wrote:
>
> I have 2 internal networks that I'll term
> private_private (192.168.1.0/24)
> and public_private (192.168.2.0/24).
>
> I have one public ip address.
>
> I need both networks to be able to surf,
> but I _never_ want ANY traffic to be able
> to go in between except from someone having
> direct access to the router. The router shouldn't
> be passing any traffic in between private networks.
I don't think you need(ed) two public addresses to accomplish what
you want. The ipfw divert rule can have "via <external-nic>" to
apply only to packets to/from the Internet, and you can have deny
rules for packets flowing between your two internal nets. I don't
see a need to run two natd's here.
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
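
The rule layout described in the reply above, sketched as an added example that is not part of the original message or of FreeBSD's rc.firewall: one divert rule limited to the external NIC, placed after deny rules between the internal nets. It generalizes to any number of internal nets; the interface name `fxp0`, the rule numbers and the closing allow rule are assumptions, and the function only prints the commands for review.

```shell
#!/bin/sh
# Added example: prints an ipfw ruleset for one natd and isolated
# internal networks. fxp0, the rule numbers and the final allow rule
# are assumptions; the two /24s come from the quoted question.

# gen_ruleset EXT_IF NET NET [NET...]
gen_ruleset() {
    ext_if=$1
    [ -n "$ext_if" ] || { echo "usage: gen_ruleset EXT_IF NET NET..." >&2; return 2; }
    shift
    [ "$#" -ge 2 ] || { echo "need at least two internal nets" >&2; return 2; }

    num=100
    echo "ipfw -f flush"
    # Isolation rules come first so no later rule can let
    # net-to-net traffic through the router.
    for src in "$@"; do
        for dst in "$@"; do
            [ "$src" = "$dst" ] && continue
            echo "ipfw add $num deny ip from $src to $dst"
            num=$((num + 10))
        done
    done
    # "via EXT_IF" hands natd only packets crossing the external NIC,
    # so a single natd instance serves every internal net.
    echo "ipfw add $num divert natd ip from any to any via $ext_if"
    echo "ipfw add 65000 allow ip from any to any"
}

# Print the ruleset for the two networks in the question.
# natd itself would be bound to the same NIC: natd -n fxp0
gen_ruleset fxp0 192.168.1.0/24 192.168.2.0/24
```

Hosts on either internal net still reach the router through its address on their own subnet, since the deny rules match only packets whose source and destination lie in different internal nets.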