NATD Internal Network problems

Greg Barniskis nalists at scls.lib.wi.us
Thu Dec 29 16:05:06 PST 2005


Chris S. Wilson wrote:
> Weird, every other router I've used forwards all the packets properly,
> even my backup linksys when I hook it up.

Probably works there because there's not a very complex packet 
filtering operation in the middle when using an off-the-shelf router.

Keep in mind that I'm speaking from distant memory. What you 
describe doesn't work for me, never did, and I know it's been talked 
about on this list as being an undesirable thing to do anyway, given 
that there are better alternatives than torturing your packets.

You can possibly make FreeBSD do what you want, but (IIRC) it's 
going to take some ipfw wizardry, or whatever you're using to drive 
packets into natd. Also, I believe the result of that is that you'd 
have to create a less secure set of rules about what is permitted to 
pass. In other words, the real reason this doesn't work is that as a 
best practice, it shouldn't.

-- 
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348


More information about the freebsd-questions mailing list