does NATd _prevent_ use of stateful ipfw rules w/ keep-state?
OpenMacNews
freebsd-ipfw.20.openmacews at spamgourmet.com
Wed Jun 2 15:34:02 PDT 2004
In continued digging for some guidance w.r.t. my earlier post, I came across the following list comment ...
> The real show stopper is ipfw with stateful rules using the 'keep state'
> option does not work when used with the divert/nated legacy sub-routine.
> What this means is ipfw with stateful rules can only be used if
> 'user ppp -nat' is how you connect to the public internet.
Is this in fact true?
If using NATd, am I relegated to a _static_ ruleset, w/ no ability to use stateful rules?
Richard
More information about the freebsd-ipfw
mailing list