nat and firewall

Kevin Kinsey kdk at
Wed Sep 24 17:11:10 UTC 2008

FBSD1 wrote:
> natd_enable="YES"  This statement in rc.conf enables ipfw nated function.
> firewall_nat_enable="YES"  This is an invalid statement. No such thing as
> you have here.

This is no longer true; he did indeed find "firewall_nat_enable"
in /etc/defaults/rc.conf.  The knob seems to have first appeared
in February in HEAD and I'm guessing it cues the system to use a
new kernel-based nat rather than natd(8), but I've not read anything
further about this, as my system isn't as up to date as the OP's.
I don't know when this change was MFC'ed, but apparently fairly

I suppose we need someone a tad more "in the know" to straighten
that out for us.

Kevin Kinsey
A wise man can see more from a mountain top
than a fool can from the bottom of a well.

More information about the freebsd-questions mailing list