*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I plan to run my OpenBSD box as a firewall to a small network within my home 192.168.1.x network. Do I need to configure different subnets like 192.68.1.x for the whole network and 192.168.2.x for the one behind the OpenBSD box?
generally a firewall is set up as a network bridge at the same time, seperating two networks and only allowing certain traffic through etc. The idea being that the machine as two network cards one set to the local network and the other set to the remote network. Often this remote network is your drect internet connection. In the case that you have a router connected to the internet and want this machine to firewall everything coming in from that router then yes it would be best to set the router address and one the the eth card addresses to be one the same sub-net, seperate from the local network.
Thanks for the reply! OpenBSD is such a different animal so it feels like the first time again I'm firewalling my home network from my landlord's 192.168.1.x network. I was just wandering if "double nat" or more precisely "double pat" would work.
should do the packets don't really care about the exact addresses, only that they know where to go. So your packets get re-written to look like they are coming from your gateway onto your landlords network and then the landlords network does basically the same thing onto the internet or whatever.
OK, I've got my external NIC xl0 getting a dynamic address from the router, now how do I configure xl1 (internal NIC) to use xl0 as the uplink. Do I need to give xl0 a static IP? I'm still planning to use 192.168.2.x as my internal network. Is it simply a matter of configuring pf for NAT?