From owner-freebsd-questions@FreeBSD.ORG  Thu Jun 24 19:06:20 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ABF7516A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 24 Jun 2004 19:06:20 +0000 (GMT)
Received: from davidfuchs.ca (domains1.davidfuchs.ca [216.113.197.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4685943D5A
	for <freebsd-questions@freebsd.org>;
	Thu, 24 Jun 2004 19:06:20 +0000 (GMT)
	(envelope-from david@davidfuchs.ca)
Received: from d207-81-106-95.bchsia.telus.net ([207.81.106.95]
	helo=[190.190.104.2])
	by davidfuchs.ca with asmtp (TLSv1:AES256-SHA:256)	(Exim 4.30)
	id 1BdZXt-0000yQ-Lc
	for freebsd-questions@freebsd.org; Thu, 24 Jun 2004 12:06:01 -0700
Message-ID: <40DB2707.1020406@davidfuchs.ca>
Date: Thu, 24 Jun 2004 12:09:59 -0700
From: David Fuchs <david@davidfuchs.ca>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.7) Gecko/20040514
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <20040624200552.B15273@kwiatek.eu.org>
In-Reply-To: <20040624200552.B15273@kwiatek.eu.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: divert rule...
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2004 19:06:20 -0000

Andrzej Kwiatkowski wrote:

> 
> Is it possible to use fwd rule instead of divert ??
> 
> For example
> 
> 00100 fwd 127.0.0.1 8668 ip from any to any
> 
> instead of
> 
> 00100 divert 8668 ip from any to any
> 

No.  NATd was made to be used with divert sockets.  Divert are made to 
work directly with FreeBSD's packet filter (and ipfw(8)), and can stop 
data from propagating throught the IP stack, they can be used to 
modify/inject packets etc.  Forwarding simply passes a copy of the 
packet to an IP/Port, at which point it's life pretty much ends.

-- 
Thanks,
-David Fuchs BCIS (david@davidfuchs.ca)

  WWW:  http://www.davidfuchs.ca/
Blog:  http://blog.davidfuchs.ca/
  MSN:  david@davidfuchs.ca
  PGP:  http://www.davidfuchs.ca/aboutme/433EEC91.pgp