[ previous ] [ next ] [ threads ]
 
 From:  Rolf Sommerhalder <rolf dot sommerhalder at alumni dot ethz dot ch>
 To:  Manuel Kasper <mk at neon1 dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] ARP Proxy for Sub-Subnet Extraction
 Date:  Sat, 06 Nov 2004 08:50:31 +0100
Hi Manuel,

> start choparp from /exec.php using a command line like the following:
> 
> /usr/local/sbin/choparp <bsdlanifname> auto 10.0.0.128/30 &

just tested again using your hint - works like a charm - excellent!

Now, I'll move on and try to replace the IPSec tunnel by OpenVPN SSL 
tunnel. If this too works (as I hope it will), then I plan to replace IP 
routing by bridging in a final step.

The objective is to assemble an easy-to-use kit for some of our global 
humanitarin operations where we can recycle surplus desktops as bridges 
to safely interconnect LAN segments (Compaq Deskpro EN Small retrofitted 
with cheap RTL8139 NICs and PCengine's IDE-CF adapters booting from CF 
card - unfortunately the BIOS does not support booting from USB keys).

We already use Wireless LAN bridges (Cisco Aironet Multifunction Bridge 
350) for extending LANs across towns - typically to link logistics bases 
near airports and war hospitals to our main office campuses downtown. 
Interestingly, I could not find yet any decent, functionally equivalent 
bridges for the situation where the wireless link can be replaced by 
some IP (Internet) connectivity. But m0n0wall seems to be a perfect fit!

If testing goes well, then we could have a first pilot bridge sporting 
extremely low-cost m0n0walls up and running in a "production network" 
abroad in a few weeks. This would be a nice case of Open Source software 
directly  facilitating humanitarian operations, saving us some money 
which can be redirected to the victims of conflicts.

Thanks a lot for your work and support.

Rolf