Date: Mon, 13 May 2002 12:51:25 +0200
From: "Max Clements" <clementsm@swistgroup.com>
To: <questions@freebsd.org>
Subject: IPFW with NATD question...
Message-ID: <DEC925D2FB9081448C3D6EC26E85868C02D594@steinmail.swistgroup.com>

I have IPFW running as my firewall to the 'net with natd for the translation.

Problem is, using natd with the divert socket to divert all traffic to natd, you end up with a situation where you cannot use stateful rules (at least I can't figure a way out). As an example:

Say an inside machine 192.168.1.10 connects to the outside world via IPFW, with a public address of 196.6.128.200. If I log the connection verbosely I see the following:

    Tcp outgoing from 196.6.128.200 - outside host:port

for the outgoing packets of the connection, and

    Tcp incoming from outside host:port to 192.168.1.10 (which is the inside address)

Obviously the stateful rule misses the incoming packets with different destination addresses; consequently the connection fails.

Any suggestions?

Regards
Max
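
The mismatch described in the message above, as a small Python model added here (not part of the original post, and not ipfw or natd code). The remote host, the ports and all function names are constructed for illustration, and natd is assumed to keep the source port unchanged.

```python
# Simplified model of a stateful lookup around address translation.
# Assumption: a state entry matches a flow in both directions.
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")

INSIDE, PUBLIC = "192.168.1.10", "196.6.128.200"  # addresses from the message
REMOTE = "203.0.113.5"                            # constructed outside host


def nat_out(p):
    """Outbound translation: the inside source becomes the public address."""
    return p._replace(src=PUBLIC) if p.src == INSIDE else p


def nat_in(p):
    """Inbound translation: the public destination becomes the inside address."""
    return p._replace(dst=INSIDE) if p.dst == PUBLIC else p


def flow_key(p):
    """Direction-independent key built from the two endpoints of a packet."""
    return frozenset([(p.src, p.sport), (p.dst, p.dport)])


def reply_matches(out_after_nat, in_after_nat):
    """Record state from the outgoing packet, then look up the reply.

    Each flag says whether the stateful rule sees that packet after
    translation (True) or before it (False).
    """
    out = Pkt(INSIDE, 40000, REMOTE, 80)      # constructed outgoing packet
    reply = Pkt(REMOTE, 80, PUBLIC, 40000)    # constructed reply on the wire
    seen_out = nat_out(out) if out_after_nat else out
    seen_in = nat_in(reply) if in_after_nat else reply
    state = {flow_key(seen_out)}              # entry created by the outgoing packet
    return flow_key(seen_in) in state


if __name__ == "__main__":
    for o in (True, False):
        for i in (True, False):
            print(f"out_after_nat={o!s:5} in_after_nat={i!s:5} "
                  f"reply matches state: {reply_matches(o, i)}")
```

`reply_matches(True, True)` is the case in the logged output: state is recorded with 196.6.128.200 as the local endpoint, the reply is checked with 192.168.1.10, and the lookup fails.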
