On 10/28/05, Thomas <[EMAIL PROTECTED]> wrote: > No progress yet. Guess having a six-week old kid and a big birthday party > didn't help :-)
No worries. 1.1 is a long way off. > Anyway, here's a what I want to get ready for 1.1: > > - Capability to create virtual interfaces bridged to physical or logical > (e.g. vlan) adapters That should be doable with that script that you sent over. > Why we'd want to have that: > > - Ability to obtain multiple WAN IPs using DHCP (and then use advanced NAT > features, e.g. for multiple web servers, multiple game hosts requiring a > specific port, etc.) > - Serve multiple IP networks on a single physical interface without vlan > tagging (if you really want to) > - Multiple IP networks per vlan (no comment) This would be some neat mojo. > (no virtual access points such as described in > http://www.solunet.com/wp/Colubris/WhitePapers/wp_vap.pdf, sorry, guys) > > As far as the GUI's concerned, each of those virtual interfaces will look > like a physical NIC, complete with MAC spoofing capabilities et al. > > I'm still trying to get my head around the different scripts, etc. that make > up pfSense, so I could really use some pointers on where to look for the > files/scripts that > > - is run when configuring the interfaces from the console (the "do you want > to create vlans now?" one) > - sets up the vlans and if configs (guess the code for setting up virtual > ifs should go there) > - builds the pf rules (might need a rule to pass packets from the physical > if to the virtual one from what i've seen so far Look in /etc/rc.initial. All the menu options feed from that script. > And I'll need to be able to check to make sure the physical interface is not > wireless (results could be quite unpredictable). That's not a problem as in config.xml a interface is marked as wireless when the user assigns the intefaces initially. > Thanks for your help and any other tips on what I should be looking out for > in order not to make my life miserable :-) No, thank you for doing all the leg work on this. This is quite interesting and if we can make it work then it somewhat removes the need for proxy-arp from what I can tell? Scott --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
