From owner-freebsd-questions Tue Dec 4 2:13:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 1A0AA37B405; Tue, 4 Dec 2001 02:13:42 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16BCbe-0004Hc-00; Tue, 04 Dec 2001 12:15:18 +0200 From: Sheldon Hearn To: "Crist J . Clark" Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipnat & ipfirewall ordering In-reply-to: Your message of "Tue, 04 Dec 2001 02:03:30 PST." <20011204020330.F37981@blossom.cjclark.org> Date: Tue, 04 Dec 2001 12:15:17 +0200 Message-ID: <16467.1007460917@axl.seasidesoftware.co.za> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 04 Dec 2001 02:03:30 PST, "Crist J . Clark" wrote: | ipnat ipf ipfw | in ---------------------------------> | <--------------------------------- out Excellent! I was worried that it would be: ipnat ipf ipfw in ---------------------------------> out ---------------------------------> In which case, I'd have my in rules using private addresses and my out rules using public addresses! :-( Okay, thanks for the clarification. Switching over to private addresses in my ipfw rules should be pretty painless. I'm really impressed with the way all this stuff fits together! Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message