NAT: Handbook vs mailing list
Bernt Hansson
bah at bananmonarki.se
Wed Oct 9 17:05:04 UTC 2013
On 2013-10-08 06:21, Chris Stankevitz wrote:
> http://www.freebsd.org/doc/handbook/network-natd.html
>
> http://lists.freebsd.org/pipermail/freebsd-questions/2011-April/229017.html
>
> Hello,
>
> Handbook section 31.9.3 suggests I should, among other things, add the
> line ipdivert_load="YES" to /boot/loader.conf when setting up NAT.
>
> The mailing list message linked above suggests that the handbook
> information is the "old way" and that the correct way is to set
> ipfw_enable and natd_enable in rc.conf. "Then /etc/rc.d/ipfw will
> load ipfw.ko, and if natd_enable is set, will invoke /etc/rc.d/natd,
> which loads ipdivert.ko at the right time."
>
> My inclination is to follow the handbook, but I thought I should first
> check to ensure the handbook is up-to-date.
>
> Thank you,
>
This is my rc.conf with ipf (ipfilter) firewall.
# Bring up the ipfilter software
ipfilter_enable="YES"
ipmon_enable="YES" # Start IP monitor log
ipmon_flags="-D -f /var/log/ipf.log"
## Tell ipfilter where to get its rules
ipfilter_rules="/etc/ipf.rules"
#Enable ipnat
ipnat_enable="YES"
#Tell ipnat where to get its rules
ipnat_rules="/etc/ipnat.rules"
More information about the freebsd-questions
mailing list