 From:  Frank Cisler <fcisler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Just Mac to get traffic out the door?
 Date:  Fri, 14 Oct 2005 14:43:48 -0400
Bryan,
It's not an easy thing to do. I may be wrong on parts of this.
The basis of this is that when I connect a PC, m0n0 would need to be in
promiscuous mode, and listen for all traffic.
Through RARP (I believe), the machine would find out what address the PC
itself is using.
Once it does this, it then has to create a sub-interface, with the same
subnet as the client.
It all seems a bit "botched" to me though. Do all these client laptops have
static IP addresses? Wouldn't it just be a lot easier to use DHCP?

 On 10/14/05, Bryan Catlin <bryancatlin at connectgroup dot net> wrote:
>
> I actually emailed with someone on the freebsd lists today and they said
> they thought it could be done with a proxy arp setting but did not know
> how to do this.
>
> Does anyone know about proxy arp, or where I could get more info on how to
> set it up?
>
> Bryan
>
> -----Original Message-----
> From: James W. McKeand [mailto:james at mckeand dot biz]
> Sent: Friday, October 14, 2005 9:36 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] Just Mac to get traffic out the door?
>
> Andrew Harvey wrote:
> > On 14/10/2005, at 11:56 AM, Bryan Catlin wrote:
> >
> >> Not to keep beating this down, but I do not want the users to have
> >> to change a thing on their laptops. No matter what their IP settings
> >> are I want the monowall to give them access to the Internet IE the
> >> wan side. From what I understand this can be done by ignoring IP
> >> traffic and just using the MAC address.
> >>
> >
> > From what *I* understand this is impossible. It's not a matter of
> > what IP you have, but knowing where the gateway is. As I said before,
> > all traffic to anywhere outside the subnet the computer is on needs to
> > go through a gateway, and the client needs to know what gateway to
> > use. Thus a setting needs to be changed. This can be using DHCP or by
> > manual changes, but something has to change on the client. I can't
> > think of any simpler way to put it. IF you can get traffic to your
> > m0n0wall, then you can think about getting it through.
>
> It is not that it is impossible, it just breaks many networking rules.
> This is done in many places where public Internet is available. For it to
> work, the gateway has to be intelligent enough to allow clients to use ANY
> IP configuration. The gateway has to be able to reply to any request. When
> a client with a static address tries to reach its gateway and fails it will
> do an ARP request. The gateway must be able to say "yes that is me - here is
> my MAC address for your ARP cache." Can m0n0wall do this? Not at this point.
> It has been discussed in the past on the list - I'm too lazy this morning to
> search the list for you...
>
> _________________________________
> James W. McKeand
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
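
An added example, not part of the original thread: a gateway that answers ARP for whatever gateway address each client has configured looks, on the wire, like one MAC address claiming many unrelated IPs, which is also what a network monitor sees during ARP spoofing. This Python sketch parses raw Ethernet/ARP frames and reports such MACs; the MAC addresses, IP addresses, sample frames and the threshold of 3 are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

ARP_ETHERTYPE, ARP_REQUEST, ARP_REPLY = 0x0806, 1, 2

def build_arp(op, sha, spa, tha, tpa):
    """Build an Ethernet + ARP frame; used only to construct sample input."""
    sha, tha = bytes.fromhex(sha.replace(":", "")), bytes.fromhex(tha.replace(":", ""))
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += sha + socket.inet_aton(spa) + tha + socket.inet_aton(tpa)
    return tha + sha + struct.pack("!H", ARP_ETHERTYPE) + arp

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ARP_ETHERTYPE:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return (op, frame[22:28].hex(":"),
            socket.inet_ntoa(frame[28:32]), socket.inet_ntoa(frame[38:42]))

def macs_claiming_many_ips(frames, threshold=3):
    """Map each MAC that sent ARP replies for >= threshold distinct IPs to those IPs."""
    claimed = defaultdict(set)
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed and parsed[0] == ARP_REPLY:
            claimed[parsed[1]].add(parsed[2])
    return {mac: sorted(ips) for mac, ips in claimed.items() if len(ips) >= threshold}

# Constructed sample: three clients with different static settings each ARP for
# their own configured gateway, and the same gateway MAC (GW) answers all of them.
GW, A, B, C = ("02:00:00:00:00:01", "02:00:00:00:00:0a",
               "02:00:00:00:00:0b", "02:00:00:00:00:0c")
BCAST = "ff:ff:ff:ff:ff:ff"
SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, A, "192.168.1.50", BCAST, "192.168.1.1"),
    build_arp(ARP_REPLY, GW, "192.168.1.1", A, "192.168.1.50"),
    build_arp(ARP_REPLY, GW, "10.0.0.1", B, "10.0.0.77"),
    build_arp(ARP_REPLY, GW, "172.16.0.254", C, "172.16.0.9"),
    build_arp(ARP_REPLY, A, "192.168.1.50", GW, "192.168.1.1"),  # ordinary host
]

if __name__ == "__main__":
    for mac, ips in macs_claiming_many_ips(SAMPLE_FRAMES).items():
        print(f"{mac} answers ARP for {len(ips)} addresses: {', '.join(ips)}")
```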