Kernel Config for NAT
Gary Dunn
osp at aloha.com
Thu Apr 8 20:43:49 UTC 2010
On Thu, 8 Apr 2010 08:10:34 -0400 Robert Huff <roberthuff at rcn.com> wrote:
> So ... double-checking I'm doing this right:
>
> 1) in /boot/loader.conf:
>
> ipfw_load="YES"
> ipdivert_load="YES"
yes; see NAT HB 31.9.3
>
> 2) in the kernel config:
IMHO, and according to Adam Vandr More, kernel options are no longer required.
>
> 3) in /etc/sysctl.conf:
>
> net.inet.ip.fw.default_to_accept="1"
see NAT HB 31.9.3
> net.inet.ip.fw.verbose="1"
> net.inet.ip.fw.verbose_limit="100"
see IPFW HB 30.6.1
I would use a smaller limit such as 5.
>
>
> That cover
> it?
Still need entries in /etc/rc.conf. See HB 30.9.5, 30.6.3, 30.6.5.7
I also have DHCP serving the downstream (private) network. Upstream gets configured by dhclient.
--
Gary Dunn, Honolulu
osp at aloha.com
http://openslate.net/
http://e9erust.blogspot.com/
Sent from a Newton 2100 via Mail V
More information about the freebsd-questions
mailing list