From: Emiel van de Laar (emielil.fontys.nl)
Date: Wed Dec 01 2004 - 17:00:37 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Rod.. Whitworth (listenwitworx.com) wrote:
> On Wed, 1 Dec 2004 15:15:33 +0100, Emiel van de Laar wrote:
>
> >Well if you have an OpenBSD box acting as a router, why spend the money
> >on an ADSL router that does pretty much the same thing.
> >
> >I'm stuck with an ADSL router here and DHCP spoofing is a pain. Have yet
> >to get it to work with OpenBSD.
>
> For interested lurkers:
>
> I have been through some kinds of hell with DHCP spoofing and "half
> bridge" modems whilst trying to get the one WAN address onto a firewall
> (OBSD/pf, of course) and I can tell you that this way lies madness.

I can confirm this. :) Recently tried to get my SpeedTouch 510v4 ADSL
router to do the same. Everything worked great until I got to setting up
the correct routes. This is a true pain and have yet to get it to work.
My Windows XP machine didn't complain and worked immediately.
From what I've read this is because MS doesn't adhere to the standards
and allows one to add an unreachable IP to the routing table.

> I am about halfway through writing a document that explains the
> principles behind what I did to get by that and to be able to route a
> /29 without buying a /30 to hang on the modem and the external i/f of
> the firewall and keep everything working without RFC1918 IPs looking
> like public IPs.

I surely am interested to know how DHCP spoofing actually works. It's a
routing trick but I have yet to completely understand it.
 
> Interested parties who reply (on list ) to this message will be able to
> get earlier answers to questions of this nature directly. I have given
> up publishing my email address on lists because it has cost too much
> time doing the unsub/resub for a whole slew of them once the unmunged
> archives are scraped by the low-life spammers.

Get me the doc and I'll see if I can get my setup going. Comments and
corrections will off course be forwarded back to you.
 
> Anyway there are less insanity-making ways to do what you want with
> most modems. Just ask and I'll reply privately. The whole ....
> tutorial(?) will be published somewhere soonish.
>
> From the land "down under": Australia.
> Do we look <umop apisdn> from up over?
>
> Do NOT CC me - I am subscribed to the list.
> Replies to the sender address will fail except from the list-server.

Thanks in advance.

Cheers,

Emiel
--
Emiel van de Laar
PGP pubkey: %finger emielil.fontys.nl

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]