FreeBSD firewall, nat, kernel

[David Stanford]

On 6/13/06, fbsd <fbsd at a1poweruser.com> wrote:
>
> All 3 FreeBSD 6.1 firewall software products IPF, IPFW, PF and their
> NAT components all work without having to be compiled into the
> kernel.


To get NAT functionality from IPFW you need to add 'option divert' to your
kernel configuration file and recompile. fbsd was half right, it's all in
the handbook ;)...

"There are some additional configuration statements that need to be enabled
to activate the NAT function of IPFW. The kernel source needs 'option
divert' statement added to the other IPFIREWALL statements compiled into a
custom kernel."

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

Read the handbook closer for details on how to activate which ever
> one you want to use.
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of
> regi at via-rs.net
> Sent: Tuesday, June 13, 2006 9:35 AM
> To: questions at FreeBSD.org
> Subject: FreeBSD firewall, nat, kernel
>
>
> Hi,
>
> I've just installed a FBSD 6.1 box and I want to install Firewall
> and NAT services.
> The handbook Firewall chapter indicates to compile Firewall if you
> want NAT.
> But, I could not find in the GENERIC file the IPFIREWALL options.
>
> Do you have an idea ?
>
> Thanks,
> Regi
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>


-David

-- 
[root at fbsd ~]# fortune
Happiness is just an illusion, filled with sadness and confusion.