Date: Wed, 29 Sep 2004 11:10:57 -0500 From: "Micheal Patterson" <micheal@tsgincorporated.com> To: "Alex de Kruijff" <freebsd@akruijff.dds.nl> Cc: sysadmin@ridley.unimelb.edu.au Subject: Re: natd not doing anything Message-ID: <06df01c4a63e$ea2d0a60$4df24243@tsgincorporated.com> References: <20040928205839.L2872@genesis.ridley.unimelb.edu.au> <20040929150553.GB885@alex.lan> <06b201c4a639$a5e76ad0$4df24243@tsgincorporated.com> <20040929155149.GD885@alex.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Alex de Kruijff" <freebsd@akruijff.dds.nl> To: "Micheal Patterson" <micheal@tsgincorporated.com> Cc: <sysadmin@ridley.unimelb.edu.au>; <r.dridan@ridley.unimelb.edu.au>; <freebsd-questions@freebsd.org> Sent: Wednesday, September 29, 2004 10:51 AM Subject: Re: natd not doing anything <snip> > This is not a problem. First ipfw and ipf are two different firewall > rules. Its perfectly ok for one to deny everything by default and the > other to accept everything. Also both firewalls can be used to gether. > Secondly where one to set something like this for one firewall, then > that firewall would most likly pick only one setting. > > He probly don't use ipf and thus can remove IPFILTHER lines. All this > does is to make the kernel a bit smaller. > > -- > Alex > > Articles based on solutions that I use: > http://www.kruijff.org/alex/FreeBSD/ Oops.. my bad. I missed that it was IPFilter and IPFW. As for the double nat, that can be an issue as I've recently had that exact same problem. If his router / natd unit isn't configured to provide nat for the range he is using, it will fail due to routing. -- Micheal Patterson Senior Communications Systems Engineer 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?06df01c4a63e$ea2d0a60$4df24243>