ipnat+ipfw + 3 gateways
fbsd_user
fbsd_user at a1poweruser.com
Sun Dec 14 16:23:34 PST 2003
What do you think IPF is? That's the utility name used to load
filter rules into IPFILTER.
So you are doing just what I said. The original poster said
nothing about doing traffic shaping.
IPNAT will not function with out IPFILTER rules. At lease pass in
all on all interfaces. He listed none in his post.
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Tillman
Hodgson
Sent: Sunday, December 14, 2003 6:38 PM
To: freebsd-questions at freebsd.org
Subject: Re: ipnat+ipfw + 3 gateways
On Sun, Dec 14, 2003 at 06:01:08PM -0500, fbsd_user wrote:
> I think you are confused. IPNAT is part of ipfilter firewall and
> IPFW is an different firewall who has his own NATD function. You
can
> not use one part from one and the other part from the other one.
> They work as an set, IPNAT/IPFILTER or IPFW/NATD. Your best bet
is
> to use IPNAT and it's firewall IPFILTER.
Not necessarily true. I'm using IPF for packet filtering, IPNAT for
NAT,
and IPFW for traffic shaping on the same firewall.
The order that a packet is mangled becomes important, but that's
solved
simply by being careful when designing the firewall.
-T
--
Draw bamboos for ten years, become a bamboo, then forget all about
bamboos
when you are drawing.
Georges Duthuit
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list