Date: Sat, 8 Jan 2000 13:55:00 -0500 (EST) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: raclark@regence.com (Robert A Clarks) Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipfw, natd, dummynet, & PPPoE. Message-ID: <200001081855.NAA04387@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <88256860.000494D7.00@notes.or.regence.com> from Robert A Clarks at "Jan 7, 2000 04:48:33 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Robert A Clarks wrote,
> I'll be building a system to act as my firewall / proxy / router between ADSL
> and my home network.
>
> I'll be using an old 440BX based motherboard with a 225Mhz Pentium processor,
> and two Pro100+ NICs. (32MB RAM, 5.1GB IDE HD, IDE CDROM)
>
> What version of the OS should I use? 3.4R?
3.4-RELEASE or the latest 3.4-STABLE.
> Is there a document that describes the interaction between ipfw and natd?
> I want to understand how they relate before I attempt to use them.
They really do not "interact" all that much. All you need to know is:
1. Any packet starts into IPFW in the usual manner.
2. It flows through the rules in its original state until it is
passed, dropped, etc., or diverted to NATd.
3. NATd then receives the packet and does what ever it is going to
do to the packet.
=> 4. The packet, now modified by NATd, then re-enters the IPFW rule
list at the rule following where it was diverted.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
5. The modified packet then flows down the IPFW rules normally.
As I have pointed out, item (4) is the one people sometimes get
confused about.
Hope that's what you were asking. HTH.
--
Crist J. Clark cjclark@home.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001081855.NAA04387>