From: "Micheal Patterson"
To: "Sebastian Kutsch"
Date: Sat, 10 Apr 2004 10:58:58 -0500
Subject: Re: static NAT and firewalls

----- Original Message -----
From: "Sebastian Kutsch"
Sent: Saturday, April 10, 2004 6:17 AM
Subject: static NAT and firewalls

> Hi,
>
> if I have configured static NAT on machine A, do the TCP/IP packages
> get injected into the firewall of machine A, or do they reach machine
> B unfiltered?
>
> Sebastian
>

Sebastian,

Provided that you have an entry at the beginning of your firewall to divert to natd, all traffic will hit that rule, get passed to natd, then be injected back into the firewall after the divert rule, and then pass out through the firewall.

--
Micheal Patterson
Network Administration
TSG Incorporated
405-917-0600
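
The traversal described in the reply above, as an added illustration that is not part of the original message: a simplified Python model of first-match rule processing in which a divert rule hands the packet to natd and processing resumes at the next rule. The addresses, rule numbers, static mapping and the `natd` stand-in function are constructed assumptions, and only the inbound direction is modelled.

```python
# Toy model of firewall rule traversal with a divert-to-natd rule.
# All addresses, ports and rule numbers below are constructed sample values.

# Static NAT mapping: public address on machine A -> private address of machine B
STATIC_NAT = {"203.0.113.10": "192.168.1.20"}

# (rule number, action, match predicate); the first matching rule wins
RULES = [
    (50,    "divert", lambda p: True),  # divert everything to natd
    (100,   "allow",  lambda p: p["dst"] == "192.168.1.20" and p["dport"] == 80),
    (65535, "deny",   lambda p: True),  # default deny
]


def natd(pkt):
    """Stand-in for natd: rewrite the destination using the static mapping."""
    out = dict(pkt)
    out["dst"] = STATIC_NAT.get(pkt["dst"], pkt["dst"])
    return out


def run_firewall(pkt, rules=RULES):
    """Return (verdict, final packet, list of rule numbers that matched)."""
    trace = []
    start = 0  # only rules numbered above `start` are evaluated
    while True:
        for num, action, match in rules:
            if num <= start or not match(pkt):
                continue
            trace.append(num)
            if action == "divert":
                pkt = natd(pkt)  # packet leaves the rule list for natd
                start = num      # re-injected: resume after the divert rule
                break
            return action, pkt, trace
        else:
            # no rule matched at all: treat as denied
            return "deny", pkt, trace


if __name__ == "__main__":
    for dport in (80, 22):
        pkt = {"src": "198.51.100.7", "dst": "203.0.113.10", "dport": dport}
        print(dport, run_firewall(pkt))
```

In this model the rules after the divert rule see the translated destination, so traffic bound for machine B is still filtered on machine A.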