Date: Wed, 30 Aug 2000 01:38:06 +0200 From: Bernhard Valenti <bernhard.valenti@gmx.net> To: freebsd-stable@freebsd.org Subject: natd & rc.firewall Message-ID: <20000830013805.A68336@cipher.home.at>
next in thread | raw e-mail | index | archive | help
# For ``simple'' firewall type the divert rule should be put to a # different place to not interfere with address-checking rules. # case ${firewall_type} in [Ss][Ii][Mm][Pp][Ll][Ee]) ;; *) case ${natd_enable} in [Yy][Ee][Ss]) if [ -n "${natd_interface}" ]; then ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} fi ;; esac esac this will add the natd rule also if you set ${firewall_type} to a filename. i think thats not good, cause i use natd in the seperate ipfw rule file to. ( and i think so do others ) # the divert rule should be put to a # different place to not interfere with address-checking rules. ( this is not possible without modifying rc.firewall, and the reason i use an external ipfw rule file is that i dont have to touch rc.firewall :) its not a big deal, but i think it should be changed. regards, bernhard valenti To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000830013805.A68336>