Correct way to configure an IP range for firewall

[Matthew Seaman]

Maxim Khitrov wrote:

> Am I correct in assuming that I just need to add four
> ifconfig_vr0_alias[0-3] lines to rc.conf? What happens if in the
> future we get a much bigger IP block, is there a more efficient way of
> accomplishing the same thing? I don't actually want the firewall to
> consider itself the final destination for any of the additional IPs,
> it just needs to pass them to pf for nat and filtering.

Assuming your assigned network is 192.0.2.24/29:

ipv4_addrs_vr0="192.0.2.25-30"

See rc.conf(5) for details.

	Cheers,

	Matthew


-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090909/198fad8a/signature.pgp