From owner-freebsd-questions@FreeBSD.ORG  Wed Sep 24 18:13:14 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 762771065671
	for <freebsd-questions@freebsd.org>;
	Wed, 24 Sep 2008 18:13:14 +0000 (UTC)
	(envelope-from mail@chdevelopment.se)
Received: from av9-2-sn2.hy.skanova.net (av9-2-sn2.hy.skanova.net
	[81.228.8.180]) by mx1.freebsd.org (Postfix) with ESMTP id 327A98FC1A
	for <freebsd-questions@freebsd.org>;
	Wed, 24 Sep 2008 18:13:08 +0000 (UTC)
	(envelope-from mail@chdevelopment.se)
Received: by av9-2-sn2.hy.skanova.net (Postfix, from userid 502)
	id CC50D387C2; Wed, 24 Sep 2008 19:40:26 +0200 (CEST)
Received: from smtp4-2-sn2.hy.skanova.net (smtp4-2-sn2.hy.skanova.net
	[81.228.8.93]) by av9-2-sn2.hy.skanova.net (Postfix) with ESMTP
	id 8F78A387FB; Wed, 24 Sep 2008 19:40:26 +0200 (CEST)
Received: from melissa.chdevelopment.se (78-70-120-199-no170.tbcn.telia.com
	[78.70.120.199])
	by smtp4-2-sn2.hy.skanova.net (Postfix) with ESMTP id 4F5A337E42;
	Wed, 24 Sep 2008 19:40:26 +0200 (CEST)
Message-ID: <48DA7B8A.2050606@chdevelopment.se>
Date: Wed, 24 Sep 2008 19:40:26 +0200
From: Christer Hermansson <mail@chdevelopment.se>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US;
	rv:1.8.1.16) Gecko/20080816 SeaMonkey/1.1.11
MIME-Version: 1.0
To: n j <nino80@gmail.com>
References: <92bcbda50809230858j2dc39695x3135291bb2a3ddc7@mail.gmail.com>
In-Reply-To: <92bcbda50809230858j2dc39695x3135291bb2a3ddc7@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: Recompile kernel or module for ipfw+nat?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Sep 2008 18:13:14 -0000

n j wrote:
> Hello everyone,
>
> I have a quick question regarding the setup of nat with ipfw.
> According to the handbook:
>
> "The following options must be in the kernel configuration file:
> options IPFIREWALL
> options IPDIVERT"
>
> however, there is a kernel module called ipdivert.ko similar to
> ipfw.ko for the firewall.
>
> Is it still necessary to recompile the kernel in order to use nat with
> ipfw? Or, to put it another way, is there a possibility to use nat and
> keep the generic kernel?
>
> Thanks for any input,
>   
You can choose to use the modules or make it static by recompile the kernel.

IMHO the ipnat(8) is a more simple way to get nat.

-- 

Christer Hermansson

http://www.chdevelopment.se