[Tfug] Open BSD Firewall

Charles Kiss charlesrkiss at hotmail.com
Wed Jun 2 21:01:38 MST 2004 

In the Debian workstation, I changed the /etc/network/interfaces file; I 
replaced the word "dhcp" with the word "static" and added the address 
information from it's routing tables.

Michael, you're helping me alot; but I think I'll have to work on it again 
for a while. Maybe give it a rest; it's already been three weeks!

Anyway, I constructed a bridge, then I got a timeout message on ne1 (again), 
so I set the timeout to zero, but I still get the message.  I deleted the 
bridge, but still the error message shows up.

The subnet mask of the workstation is being assigned 255.255.255.255, I hope 
that's okay; and there is a Destination 192.168.1.0 with an asterisk for the 
gateway; I'm guessing that it's incomplete.  I've tried assigining a gateway 
address, but I get a "no such device" error; I think I've so far tried every 
possible permutation of every possible set of network and/or host IP 
addresses, but I'm sure some combinations still remain.  The loopbacks are 
all set, including the loopback to the loopback.  I'm going to write a book; 
"Learning OpenBSD Firewalling by Trial and Error."

I've disabled the Packet Filter. Still nothing gets through.  Host command 
works on the firewall, but not on the workstation.

I think the workstation got the DNS information from previous internet 
logons pre-firewall days.

I doubt I've gotten even a single unreliable packet past the crossover 
cable.

I saw somewhere that I might have to run a command like,

dpkg --configure ?     ....but what's the package.  I've tried "dhcp", 
"inetd", etc

Maybe when I have enough energy, I'll post all the config files.

Thanks again
Charles

Did I say Whether??  Anyway, the weather here is very green and sunny, and 
slightly above a room temperature breezy, the cicadas are so loud, one can't 
hear talk over the phone when outdoors, and we're all looking forward to the 
Venetian Transit.

Sorry guys, but don't feel bad, at least you're not living in a dirty 
nuclear bomb target, though it may feel like you're getting your share of 
REM's over the long run.

More information about the tfug mailing list