Pipes.

[vladone]

Hello Gilberto,

Wednesday, May 3, 2006, 11:06:59 PM, you wrote:

> Helo Vladone,
> I tested your rule, but it didn't work.
> I maked some tests and I think discovery the problem, but not the solution.
> I have my servers (DNS, www, e-mail and etc) in DMZ thought PF. When I use
> pipes in ipfw, the redirects for my servers don't work, but the nat to my
> internal network (10.0.0.0/24) works.
> I belive this rule is a incompatible with rdr from PF.

> Gilberto



> On Sat, 29 Apr 2006 15:35:42 +0300
> vladone <vladone at spaingsm.com> wrote:

I dont have experience with PF but i think that is not a good idea to
put toghether PF and ipfw, simply because doing same job.
If u use pf, packets will be checked with pf and ipfw twice, so effects
are impredictible.
Use only ipfw with dummynet. For port forwarding u have simple options
to do that in natd.
If u want to use PF, then for traffic shaping need to use ALTQ, that
is a little more complicate.
Some time ago, i work with an combination PF+IPFW in this situation:
- PF used only for NAT
- ipfw used only for shaping
but isn't recommended.


Best regards,
 vladone                            mailto:vladone at spaingsm.com