Packet flow through IPFW+IPF+IPNAT ?
Vandyuk Eugene
duke at irpen.kiev.ua
Sat May 31 02:21:49 PDT 2003
Hi.
On my FreeBSD 4.8 configured IPFW2+IPF+IPNAT and I use them all:
- IPFW - traffic accounting, shaping, balancing and filtering;
- IPFilter - policy routing;
- IPNAT - masquerading.
I want to know, how IP-packets flow through all of this components?
What's the path?
incoming: IPFW Layer2 -> IPFW&Dummynet -> IPNAT -> IPFilter ?
outgoing: IPFW Layer2 -> IPFW&Dummynet -> IPFilter -> IPNAT ?
Is this correct? Or IPNAT on the incoming packets run before IPFW L3:
incoming: IPFW Layer2 -> IPNAT -> IPFW&Dummynet -> IPFilter ?
I think this path is more preferable, because IPFW always use not
masqueraded IP-headers.
Any help appreciated.
More information about the freebsd-security
mailing list