Hi
First the OpenBSD 2.8/IPF bridging firewall questions.
I am running a bridging firewall with three 3COM 905 NICS, where the
Internet connection (100 Mbs) "goes down" with irregular intervals (some
times two weeks between, somtimes within 24 hours). The machine is
running on a PIII 450 with 128 MB RAM, and a "top" command shows that
everything is fine 97-98% idle CPU. The "ifconfig" and "brconfig" tells
the same as when things are fine! What can cause this loss of
connection? Also just about each minute it gives this message on the
console: "/bsd: arpresolve: can't allocate llinfo". What causes this.
Regarding OpenBSD 3.0 with PF as a bridging firewall:
1) Is it advantagous to use variables in the ruleset. E.g. I have a
webserver variable containning approx. 20 ip-addresses and a
straminsgserver variable containing only one address. Are there any
rules of thumb on when to use viables (or not)?
2) Is a PII-266 with 384MB RAM suffice hardware vise as the firewall
(with an internal 100Mbs network and a 100 Mbs Internet connection)?
What hardware is needed?
3) Is it now "possible" in PF to use the "out" option in the ruleset?
With IPF it was recommended NOT to use.
4) Besides any tips/tricks and experiences with theese bridging
firewalls are most welcome.
Thanx in advance.
And thanks to everyboddy for a GREAT list!
--
M.v.h. Kristian
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Kristian Kristensen, IT Coordinator
Technical University of Denmark
Center for Tele-Information
Building 371
2800 Kgs. Lyngby
DENMARK
rm -rf /bin/laden
