[ previous ] [ next ] [ threads ]
 
 From:  Roy Boverhof <furymedia at gmail dot com>
 To:  Holger Bauer <Holger dot Bauer at citec dash ag dot de>
 Cc:  Chris Buechler <cbuechler at gmail dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Filtering Bridge blocking traffic for clients with multiple IP/subnets
 Date:  Mon, 19 Dec 2005 14:24:07 +0100
Damn... sometimes I hate being right ;)

Allthough I have found a cheap that will probably work! Going to the
shop to buy one now.

Thanks,

Roy

On 12/19/05, Holger Bauer <Holger dot Bauer at citec dash ag dot de> wrote:
> The LAN-Interface has a special role in the design of m0n0wall, so the answer you already gave to
yourself is correct.
> You always need a WAN and a LAN and only OPTx-interfaces can be bridged to these.
>
> Holger
>

> > Von: Roy Boverhof [mailto:furymedia at gmail dot com]
> > Gesendet: Montag, 19. Dezember 2005 13:50
> > An: Holger Bauer
> > Cc: Chris Buechler; m0n0wall at lists dot m0n0 dot ch
> > Betreff: Re: [m0n0wall] Filtering Bridge blocking traffic for clients
> > with multiple IP/subnets
> >
> >
> > Hi all,
> >
> > I am also working on a filtering bridge and I was following this
> > example: http://doc.m0n0.ch/handbook/examples-filtered-bridge.html
> >
> > But I have a problem, my server only has 2 NIC's... and to be honest,
> > I really don't need a LAN interface. Normally adding a NIC wouldn't be
> > a problem but my server is a 1U server that only has space for a 64
> > bit PCI-X card.
> >
> > My question is, do I really really need the LAN interface? I probably
> > know the answer, just making sure I don't go out and buy a 150 euro
> > NIC to get this firewall working :(
> >
> > Kind regards,
> >
> > Roy
> >
> >
> > On 12/19/05, Holger Bauer <Holger dot Bauer at citec dash ag dot de> wrote:
> > > Ok, finally got time to test this with m0n0 1.2 and I can
> > confirm that this
> > > is no issue with 1.2 any more. I was using 1.11 before for
> > some reason that
> > > doesn't matter in this kind of configuration, so I'll move
> > to 1.2 for this
> > > installation. Thanks for pointing out the solution Chris! :-)
> > >
> > > Holger
> > >

> > > > Von: Chris Buechler [mailto:cbuechler at gmail dot com]
> > > > Gesendet: Donnerstag, 15. Dezember 2005 15:42
> > > > Cc: m0n0wall at lists dot m0n0 dot ch
> > > > Betreff: Re: [m0n0wall] Filtering Bridge blocking traffic
> > for clients
> > > > with multiple IP/subnets
> > > >
> > > >
> > > > On 12/14/05, Holger Bauer <Holger dot Bauer at citec dash ag dot de> wrote:
> > > > > I want to setup a transparent filtering bridge. This device
> > > > only should provide
> > > > > trafficshaping and nothing else. I have set up this in the
> > > > past with success and
> > > > > I'm running multiple locations with that kind of setup.
> > > > However I now have to
> > > > > install filtering bridges at a location where Clients have
> > > > multiple IP adresses
> > > > > (at the same physical NIC) from different subnets:
> > > > >
> > > > > Example:
> > > > >
> > > > > ClientA--------bridged m0n0--------ClientB
> > > > >
> > > > >
> > > > > ClientA IPs:
> > > > > 192.168.1.1/24
> > > > > 10.1.1.1/24
> > > > >
> > > > > ClientB IPs:
> > > > > 192.168.1.2/24
> > > > > 10.1.1.2/24
> > > > >
> > > >
> > > > What m0n0wall version, and what hardware?  Firewall log
> > > > showing anything?
> > > >
> > > > Versions prior to one of the 1.2 betas had a bug in the
> > antispoofing
> > > > rules as related to bridged interfaces that would pop up
> > in situations
> > > > like this.  It's since been fixed though.
> > > >
> > > > -Chris
> > > >
> > > >
> > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > > >
> > > >
> > >
> > > ____________
> > > Virus checked by G DATA AntiVirusKit
> > >
> > >
> > >
> > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > >
> > >
> >
>
> ____________
> Virus checked by G DATA AntiVirusKit
>
>