From owner-freebsd-questions@FreeBSD.ORG Wed Sep 29 16:11:08 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2449C16A4CE for ; Wed, 29 Sep 2004 16:11:08 +0000 (GMT) Received: from smtp1.tsgincorporated.com (ns1.tsgincorporated.com [67.66.242.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE4BE43D41 for ; Wed, 29 Sep 2004 16:11:07 +0000 (GMT) (envelope-from micheal@tsgincorporated.com) Received: from support.tsgincorporated.com (support.tsgincorporated.com [67.66.242.9])i8TGB2ET011906; Wed, 29 Sep 2004 11:11:02 -0500 (CDT) (envelope-from micheal@tsgincorporated.com) Received: from micheal (micheal.tsgincorporated.com [67.66.242.77]) i8TGAxmn035603; Wed, 29 Sep 2004 11:10:59 -0500 (CDT) (envelope-from micheal@tsgincorporated.com) Message-ID: <06df01c4a63e$ea2d0a60$4df24243@tsgincorporated.com> From: "Micheal Patterson" To: "Alex de Kruijff" References: <20040928205839.L2872@genesis.ridley.unimelb.edu.au> <20040929150553.GB885@alex.lan> <06b201c4a639$a5e76ad0$4df24243@tsgincorporated.com> <20040929155149.GD885@alex.lan> Date: Wed, 29 Sep 2004 11:10:57 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 X-Virus-Scanned: by amavisd-new cc: r.dridan@ridley.unimelb.edu.au cc: freebsd-questions@freebsd.org cc: sysadmin@ridley.unimelb.edu.au Subject: Re: natd not doing anything X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Sep 2004 16:11:08 -0000 ----- Original Message ----- From: "Alex de Kruijff" To: "Micheal Patterson" Cc: ; ; Sent: Wednesday, September 29, 2004 10:51 AM Subject: Re: natd not doing anything > This is not a problem. First ipfw and ipf are two different firewall > rules. Its perfectly ok for one to deny everything by default and the > other to accept everything. Also both firewalls can be used to gether. > Secondly where one to set something like this for one firewall, then > that firewall would most likly pick only one setting. > > He probly don't use ipf and thus can remove IPFILTHER lines. All this > does is to make the kernel a bit smaller. > > -- > Alex > > Articles based on solutions that I use: > http://www.kruijff.org/alex/FreeBSD/ Oops.. my bad. I missed that it was IPFilter and IPFW. As for the double nat, that can be an issue as I've recently had that exact same problem. If his router / natd unit isn't configured to provide nat for the range he is using, it will fail due to routing. -- Micheal Patterson Senior Communications Systems Engineer 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.