From owner-freebsd-questions@FreeBSD.ORG Tue Jun 13 14:46:45 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 90FB816A726 for ; Tue, 13 Jun 2006 14:46:45 +0000 (UTC) (envelope-from dthomas53@gmail.com) Received: from nz-out-0102.google.com (nz-out-0102.google.com [64.233.162.207]) by mx1.FreeBSD.org (Postfix) with ESMTP id 916D743D48 for ; Tue, 13 Jun 2006 14:46:44 +0000 (GMT) (envelope-from dthomas53@gmail.com) Received: by nz-out-0102.google.com with SMTP id m7so1056048nzf for ; Tue, 13 Jun 2006 07:46:44 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=rf0yJP8EwVQqM/n2m4/FkbM7tHj+bEB/3RWW+56WHkgeQVFdwz3thPFPtGRVhkOaki5qNphWDB3077s81QyhaF2rzzl/yYi39Ea5cHBhFLPUJ3vUXr0/lO4uL0K3xkThEpv8gmOndw3Y/U00QRJhY1l4h/cqw/IR+lF+HeI9u5g= Received: by 10.36.8.4 with SMTP id 4mr10906981nzh; Tue, 13 Jun 2006 07:46:43 -0700 (PDT) Received: by 10.37.12.21 with HTTP; Tue, 13 Jun 2006 07:46:43 -0700 (PDT) Message-ID: Date: Tue, 13 Jun 2006 10:46:43 -0400 From: "David Stanford" To: fbsd@a1poweruser.com In-Reply-To: MIME-Version: 1.0 References: <28713720.541071150205688169.JavaMail.tomcat@peto> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: regi@via-rs.net, questions@freebsd.org Subject: Re: FreeBSD firewall, nat, kernel X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jun 2006 14:46:45 -0000 On 6/13/06, fbsd wrote: > > All 3 FreeBSD 6.1 firewall software products IPF, IPFW, PF and their > NAT components all work without having to be compiled into the > kernel. To get NAT functionality from IPFW you need to add 'option divert' to your kernel configuration file and recompile. fbsd was half right, it's all in the handbook ;)... "There are some additional configuration statements that need to be enabled to activate the NAT function of IPFW. The kernel source needs 'option divert' statement added to the other IPFIREWALL statements compiled into a custom kernel." http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html Read the handbook closer for details on how to activate which ever > one you want to use. > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of > regi@via-rs.net > Sent: Tuesday, June 13, 2006 9:35 AM > To: questions@FreeBSD.org > Subject: FreeBSD firewall, nat, kernel > > > Hi, > > I've just installed a FBSD 6.1 box and I want to install Firewall > and NAT services. > The handbook Firewall chapter indicates to compile Firewall if you > want NAT. > But, I could not find in the GENERIC file the IPFIREWALL options. > > Do you have an idea ? > > Thanks, > Regi > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > -David -- [root@fbsd ~]# fortune Happiness is just an illusion, filled with sadness and confusion.