From owner-freebsd-questions@FreeBSD.ORG Sat May 15 08:37:30 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92EB216A4CE for ; Sat, 15 May 2004 08:37:30 -0700 (PDT) Received: from lakermmtao02.cox.net (lakermmtao02.cox.net [68.230.240.37]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8E48D43D58 for ; Sat, 15 May 2004 08:37:29 -0700 (PDT) (envelope-from micheal@tsgincorporated.com) Received: from router.caverns.us.eu.org ([68.227.96.223]) by lakermmtao02.cox.netESMTP <20040515153726.DGEL12422.lakermmtao02.cox.net@router.caverns.us.eu.org>; Sat, 15 May 2004 11:37:26 -0400 Received: from dredster (dredster.rcservers.com [192.168.1.2]) i4FFbQFf031445; Sat, 15 May 2004 10:37:27 -0500 (CDT) (envelope-from micheal@tsgincorporated.com) Message-ID: <004801c43a92$91200ed0$0201a8c0@dredster> From: "Micheal Patterson" To: , "Christian Hiris" <4711@chello.at>, References: Date: Sat, 15 May 2004 10:37:37 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 cc: Anthony Philipp Subject: Re: natd -redirect_port X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 May 2004 15:37:30 -0000 ----- Original Message ----- From: "JJB" To: "Christian Hiris" <4711@chello.at>; Cc: "Anthony Philipp" Sent: Saturday, May 15, 2004 8:05 AM Subject: RE: natd -redirect_port > You are wrong, you do not have to compile ipfirewall kernel options > into the kernel. > IPFW is delivered as an bootable module. > You need this in rc.conf to enable ipfw, it will auto load the > bootable module. > > # Required For IPFW kernel firewall support > firewall_enable="YES" # Start daemon > firewall_script="/etc/ipfw.rules" # run my custom rules > firewall_logging="YES" # Enable events logging > > natd_enable="YES" # Enable IPFW nat function > natd_interface="rl0" > natd_flags="-dynamic -m -u -f /etc/natd.conf" > You're right, you don't have to recompile to use ipfw, however, since there is no divert module, the kernel will still need to be recompiled to enable divert. In order for the OP to do what they're wanting to do they will still need to recompile kernel and restart the system. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.