From owner-freebsd-ipfw Sun Jun 2 23:17:21 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id CE65537B40A; Sun, 2 Jun 2002 23:17:09 -0700 (PDT) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020603061709.RFAY11426.rwcrmhc51.attbi.com@blossom.cjclark.org>; Mon, 3 Jun 2002 06:17:09 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g536H6037054; Sun, 2 Jun 2002 23:17:06 -0700 (PDT) (envelope-from crist.clark@attbi.com) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f Date: Sun, 2 Jun 2002 23:17:06 -0700 From: "Crist J. Clark" To: "a.s.gruner" Cc: Darren Pilgrim , freebsd-ipfw@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: ipfw+natd+ppp problem Message-ID: <20020602231706.K20911@blossom.cjclark.org> Reply-To: "Crist J. Clark" References: <20020602200539.A1206@encephalon.de> <3CFA84CF.E5AD5853@pantherdragon.org> <20020603071835.A894@encephalon.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020603071835.A894@encephalon.de>; from plankalkuel@encephalon.de on Mon, Jun 03, 2002 at 07:18:35AM +0200 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jun 03, 2002 at 07:18:35AM +0200, a.s.gruner wrote: > Hi. > > > Have you tried using the ppp -nat function instead of natd? It > > generally seems to work better, and the extra features natd provides > > aren't really needed for basic dialup access (and you can make up for > > them with ipfw). > > No i havent, i kno that option but i want to use natd like it is > described in an article on freebsd.org. It is strange that it is not > working with me. I also read that ppp+natd is more powerfull then ppp > -nat option. It depends. natd(8) and ppp(8) use the exact same code to do NAT, libalias(3). natd(8) has some additional options and since you can direct what goes to natd(8) using ipfw(8) rules, there is some more flexibility... However, that additional "flexibility" is only something else to go wrong if you do not really need it. > So, do you have an idea how i can fix my problem ? Well, the most obvious thing was that you didn't have a divert(4) rule in your firewall. But unless there is something you want to do with natd(8)-ipfw(8) that you can't do with ppp(8) '-nat,' I'd start by getting ppp(8) working right. If you still want to try out natd(8), wait to do it until after you have gotten ppp(8) working correctly. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message