Building home router: 192.168.0.x to access internet
Mel Flynn
mel.flynn+fbsd.questions at mailing.thruhere.net
Sun Aug 9 03:29:20 UTC 2009
On Saturday 08 August 2009 18:32:30 Nerius Landys wrote:
> First, my choise of internal network IP addresses is 192.168.0.x. My
> router machine's IP address will be 192.168.0.254 (that's the
> interface facing the internal network). The IP addresses of the
> machines behind the router will start at 192.168.0.2 and go up. I'm
> wondering if this choice of IP addresses is conventional or good. Is
> this numbering scheme decent?
Convention is to use the lowest host IP address for the router and the highest
for broadcast. Yet, it is only convention. There's nothing stopping you from
using other address, as long as your client machines know this.
> If so, can someone give me a really minimal yet secure packet filter
> rule set that would do the job? (I'm prepared to read the pf docs,
> which will take me a few hours.) The router will connect to the
> outside via DHCP, and from what I remember I had to add a rule to not
> drop packets that were DHCP-related.
There's actually a nice example in the PF FAQ that covers some basics:
http://www.openbsd.org/faq/pf/tagging.html
There used to be a sample pf.conf, but I see that got nuked, yet there still
are examples in /usr/share/examples/pf/.
--
Mel
More information about the freebsd-questions
mailing list