Date: Sat, 8 Jan 2000 22:00:20 +0200 From: Ruslan Ermilov <ru@ucb.crimea.ua> To: cjclark@home.com Cc: Robert A Clarks <raclark@regence.com>, freebsd-questions@FreeBSD.org Subject: Re: ipfw, natd, dummynet, & PPPoE. Message-ID: <20000108220020.A7623@relay.ucb.crimea.ua> In-Reply-To: <200001081855.NAA04387@cc942873-a.ewndsr1.nj.home.com>; from Crist J. Clark on Sat, Jan 08, 2000 at 01:55:00PM -0500 References: <88256860.000494D7.00@notes.or.regence.com> <200001081855.NAA04387@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jan 08, 2000 at 01:55:00PM -0500, Crist J. Clark wrote: > Robert A Clarks wrote, > > I'll be building a system to act as my firewall / proxy / router between ADSL > > and my home network. > > > > I'll be using an old 440BX based motherboard with a 225Mhz Pentium processor, > > and two Pro100+ NICs. (32MB RAM, 5.1GB IDE HD, IDE CDROM) > > > > What version of the OS should I use? 3.4R? > > 3.4-RELEASE or the latest 3.4-STABLE. > > > Is there a document that describes the interaction between ipfw and natd? > > I want to understand how they relate before I attempt to use them. > > They really do not "interact" all that much. All you need to know is: > > 1. Any packet starts into IPFW in the usual manner. > > 2. It flows through the rules in its original state until it is > passed, dropped, etc., or diverted to NATd. > > 3. NATd then receives the packet and does what ever it is going to > do to the packet. > > => 4. The packet, now modified by NATd, then re-enters the IPFW rule > list at the rule following where it was diverted. > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Umm, not exactly, see section LOOP AVOIDANCE of the divert(4) manpage. > 5. The modified packet then flows down the IPFW rules normally. > > As I have pointed out, item (4) is the one people sometimes get > confused about. > > Hope that's what you were asking. HTH. > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000108220020.A7623>