Date: Sat, 31 May 2003 12:20:28 +0300 From: Vandyuk Eugene <duke@irpen.kiev.ua> To: freebsd-security@freebsd.org Subject: Packet flow through IPFW+IPF+IPNAT ? Message-ID: <20030531122028.A16361@irpen.kiev.ua>
next in thread | raw e-mail | index | archive | help
Hi. On my FreeBSD 4.8 configured IPFW2+IPF+IPNAT and I use them all: - IPFW - traffic accounting, shaping, balancing and filtering; - IPFilter - policy routing; - IPNAT - masquerading. I want to know, how IP-packets flow through all of this components? What's the path? incoming: IPFW Layer2 -> IPFW&Dummynet -> IPNAT -> IPFilter ? outgoing: IPFW Layer2 -> IPFW&Dummynet -> IPFilter -> IPNAT ? Is this correct? Or IPNAT on the incoming packets run before IPFW L3: incoming: IPFW Layer2 -> IPNAT -> IPFW&Dummynet -> IPFilter ? I think this path is more preferable, because IPFW always use not masqueraded IP-headers. Any help appreciated.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030531122028.A16361>