From owner-freebsd-security Fri Oct 26 1:46:55 2001 Delivered-To: freebsd-security@freebsd.org Received: from relay2.agava.net.ru (ofc.agava.net [213.59.3.194]) by hub.freebsd.org (Postfix) with ESMTP id E70A537B401 for ; Fri, 26 Oct 2001 01:46:51 -0700 (PDT) Received: from hellbell.domain (hellbell.domain [192.168.1.12]) by relay2.agava.net.ru (Postfix) with ESMTP id 073FC66B5F; Fri, 26 Oct 2001 12:46:49 +0400 (MSD) Received: from localhost (localhost [127.0.0.1]) by hellbell.domain (Postfix) with ESMTP id 207DACCFC; Fri, 26 Oct 2001 12:46:35 +0400 (MSD) Date: Fri, 26 Oct 2001 12:46:35 +0400 (MSD) From: Alexei Zakirov X-X-Sender: To: "Nickolay A.Kritsky" Cc: Subject: Re: ipfw and ipf on one box In-Reply-To: <1682052180.20011026112359@internethelp.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 26 Oct 2001, Nickolay A.Kritsky wrote: > Hi all. > > Has anybody an experience of concurrent work of ipfw and ipfilter on > one FreeBSD box? Is it possible? What will be the order of packets yes it's possible. I'm using this combination to get an in-kernel ipf NAT and ipfw working together. As I can see order is following: PKT -> (ipnat) -> (ipfilter) -> (ipfw) -> (bpf) -> INTERFACE OUT PKT <- (ipfw) <- (ipf) <- (ipnat) <- (bpf) <- INTERFACE IN *** WBR, Alexei Zakirov (frank@unshadow.net) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message