My firewall box has 3 net interfaces:
em0 (internal network):
inet 172.24.42.254 netmask 0xffffff00 broadcast 172.24.42.255
em1 (internet):
inet 172.24.40.3 netmask 0xfffffc00 broadcast 172.24.43.255
em2 (wifi sandbox):
inet 172.24.42.223 netmask 0xffffffc0 broadcast 172.24.42.255
Attached to em1 I have 2 ADSL modems, 172.24.40.1 and 172.24.40.2
Default route (set through /etc/mygate) is 172.24.40.1
The firewall itself can reach both ADSL modems, but machines on
the internal network can only reach 172.24.40.1. Here are
traceroutes from a host inside the em0 network:
traceroute to 172.24.40.1 (172.24.40.1), 30 hops max, 60 byte packets
1 172.24.42.254 (172.24.42.254) 0.598 ms 0.685 ms 0.787 ms
2 172.24.40.1 (172.24.40.1) 1.568 ms 1.560 ms 1.719 ms
traceroute to 172.24.40.2 (172.24.40.2), 30 hops max, 60 byte packets
1 172.24.42.254 (172.24.42.254) 1.251 ms 1.243 ms 1.235 ms
2 * * *
This is with pf disabled.
As the packets do reach the firewall on em0, shouldn't they be
forwarded to em1? (yes, net.inet.ip.forwarding=1)
Any advice/ideas/guidance appreciated...
Julf
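
A check a reader could run on the address plan posted above, as an added example that is not part of the original message: it converts the hex netmasks to prefixes and reports which of the firewall's connected networks overlap and which of them contain a given address. The function names are hypothetical; the addresses and masks are the ones in the post.

```python
import ipaddress
from itertools import combinations

# Interface addresses and hex netmasks exactly as posted (ifconfig format).
INTERFACES = {
    "em0": ("172.24.42.254", "0xffffff00"),
    "em1": ("172.24.40.3", "0xfffffc00"),
    "em2": ("172.24.42.223", "0xffffffc0"),
}


def connected_network(addr, hex_mask):
    """Return the directly connected network for an address and hex netmask."""
    mask = int(hex_mask, 16)
    inverted = mask ^ 0xFFFFFFFF
    # A valid netmask is a run of ones followed by a run of zeros.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask {hex_mask}")
    prefix = bin(mask).count("1")
    return ipaddress.ip_interface(f"{addr}/{prefix}").network


def networks(interfaces=INTERFACES):
    """Map each interface name to its connected network."""
    return {n: connected_network(a, m) for n, (a, m) in interfaces.items()}


def overlaps(interfaces=INTERFACES):
    """Pairs of interfaces whose connected networks share addresses."""
    nets = networks(interfaces)
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def on_link(ip, interfaces=INTERFACES):
    """Interfaces whose connected network contains ip, longest prefix first."""
    target = ipaddress.ip_address(ip)
    hits = [(n, net) for n, net in networks(interfaces).items() if target in net]
    return [n for n, net in sorted(hits, key=lambda h: -h[1].prefixlen)]


if __name__ == "__main__":
    for name, net in networks().items():
        print(f"{name}: {net}")
    print("overlapping:", overlaps())
    # 172.24.42.10 is a constructed example of an internal host address.
    for ip in ("172.24.40.1", "172.24.40.2", "172.24.42.10"):
        print(ip, "is on-link for", on_link(ip))
```

Any host or modem configured with the same 0xfffffc00 mask as em1 treats the em0 range as directly attached, which `on_link` shows from the firewall's side.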