From owner-freebsd-ipfw@FreeBSD.ORG  Mon Oct  6 10:25:12 2003
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 92BB716A4B3
	for <freebsd-ipfw@freebsd.org>; Mon,  6 Oct 2003 10:25:12 -0700 (PDT)
Received: from marlborough.cnchost.com (marlborough.concentric.net
	[207.155.248.14])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A429943FE1
	for <freebsd-ipfw@freebsd.org>; Mon,  6 Oct 2003 10:25:11 -0700 (PDT)
	(envelope-from sahafeez@edgefocus.com)
Received: from edgefocus.com ([12.106.69.222])
	by marlborough.cnchost.com
	id NAA12032; Mon, 6 Oct 2003 13:25:11 -0400 (EDT)
	[ConcentricHost SMTP Relay 1.15]
Errors-To: <sahafeez@edgefocus.com>
Date: Mon, 6 Oct 2003 10:25:09 -0700
Mime-Version: 1.0 (Apple Message framework v552)
Content-Type: text/plain; charset=US-ASCII; format=flowed
From: Sean Hafeez <sahafeez@edgefocus.com>
To: freebsd-ipfw@freebsd.org
Content-Transfer-Encoding: 7bit
Message-Id: <09049768-F822-11D7-AFEF-003065F1EE08@edgefocus.com>
X-Mailer: Apple Mail (2.552)
Subject: Not using NATD?
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Oct 2003 17:25:12 -0000

OK so normally I use NATD for the users behind the BSD box.

ipfw -f flush
/sbin/natd -interface rl0
ipfw add 999 divert natd all from any to any via rl0
ipfw add pipe 1 ip from any to any in recv rl1
ipfw add pipe 2 ip from any to any out xmit rl1
ipfw pipe 1 config mask src-ip 0xffffffff bw 1024kbits/s
ipfw pipe 2 config mask dst-ip 0xffffffff bw 1024kbits/s

rl1 is the inside 192.168.x.x network.

So strange question - I do not want to NAT anymore. I am going to be 
building a site that I want to us real IP's on the internal network. So 
if I configure the box as a gateway (and make sure my upstream router 
has a route to the external interface of the BSD for the network 
behind) will it work?

Do I need to do anything else or will the

-bash-2.05b$ cat /etc/rc.conf
gateway_enable="YES"

Just work?

Thanks!