This is basically what I have set up. Unfortunately, the router box in question, a cisco 678 DSL modem, doesn't do its routing job correctly, and instead of forwarding packets via the (.2 in your case) firewall's external network interface, queries that network looking for a direct connection to the destination host.
If i've understood you correctly you want to join two seperate physical
network segments on the same subnet using the freebsd box.
Since the join is the Freebsd box then getting that to bridge the two
nics should work (assigning and IP to one if needed.)
Otherwise you'll need some more routes and to make things more complex, a working example that I have in use (wanted to firewall a class c but
was supplied with a managed router as .1 and didnt want to use bridging.)
The router and firewalls routerside nic have a .252 netmask (subnet of
.1 and .2) the router (.1) has a static route of x.y.z.0/24 via .2 (firewalls external nic) the firewall has .1 as its default route. rest of class c has firewalls other nic (.194 for no good reason) as default route.
According to the arp man page, arp should make it possible for the firewall to handle this request, but it isn't. If the firewall would pass it's own (.2 in your case) ethernet address as a proxy for the requested internal host, the router would send the packet to the firewall, which would then forward it appropriately.
Gary
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
