From owner-freebsd-security Tue Apr 11 3: 6:40 2000 Delivered-To: freebsd-security@freebsd.org Received: from lsmls01.we.mediaone.net (lsmls01.we.mediaone.net [24.130.1.20]) by hub.freebsd.org (Postfix) with ESMTP id A3F9C37B69F for ; Tue, 11 Apr 2000 03:06:33 -0700 (PDT) (envelope-from ronnet@mediaone.net) Received: from mediaone.net (we-24-130-48-52.we.mediaone.net [24.130.48.52]) by lsmls01.we.mediaone.net (8.8.7/8.8.7) with ESMTP id DAA10238 for ; Tue, 11 Apr 2000 03:06:30 -0700 (PDT) Message-ID: <38F2880D.473F8F8D@mediaone.net> Date: Tue, 11 Apr 2000 03:03:57 +0100 From: Ron Smith X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: FreeBSD Security Subject: (no subject) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thanks to all, I have a dual-homed gateway running FreeBSD. The internal LAN (NIC) is class "C" (192.168.c.d). The external NIC has been assigned a static IP address from the ISP (63.203.c.d). I'm running NAT, and would like to know if this will provide enough protection for the internal LAN? I also have a firewall compiled into the kernel, but the rules prevent NAT from working whenever the firewall is in any other state except allowing "any to any". When the firewall is using "open" rules (allowing any to any) is NAT still providing protection to the internal network? If not, does anyone have any additional suggestions? TIA Ron Smith To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message