From owner-freebsd-questions  Sat Aug 17  9:14:21 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4376337B400
	for <questions@FreeBSD.ORG>; Sat, 17 Aug 2002 09:14:18 -0700 (PDT)
Received: from rambo.401.cx (rambo.401.cx [80.65.205.166])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 723EB43E3B
	for <questions@FreeBSD.ORG>; Sat, 17 Aug 2002 09:14:17 -0700 (PDT)
	(envelope-from listsub@401.cx)
Received: from 401.cx (rocky [192.168.0.2])
	by rambo.401.cx (8.12.5/8.12.5) with ESMTP id g7HGDrZu068223;
	Sat, 17 Aug 2002 18:13:54 +0200 (CEST)
	(envelope-from listsub@401.cx)
Message-ID: <3D5E76C9.7000206@401.cx>
Date: Sat, 17 Aug 2002 18:16:09 +0200
From: "Roger 'Rocky' Vetterberg" <listsub@401.cx>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0rc2) Gecko/20020618 Netscape/7.0b1
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: barbish@a1poweruser.com
Cc: FBSDQ <questions@FreeBSD.ORG>
Subject: Re: IPNAT & IPFW
References: <MIEPLLIBMLEEABPDBIEGIEKCCIAA.barbish@a1poweruser.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

JoeB wrote:
> I have ipfw compiled into the kernel and activate ipnat in the rc.conf. 
> Boot says ipnat dynamically loaded, But testing shows no NAT on 
> LAN machines.
> 
> Yes I know IPFW has natd function, but it does not function correctly 
> with keep-state rules, so I want to do NAT function outside of IPFW.
> 
> What is the correct configuration to use IPNAT for the NAT function and 
> IPFW for the firewall? Does anybody have this variation working?
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

You need ipfilter to use ipnat.
Ipfw uses natd.

You can have both ipfilter and ipfw running on the same machine, 
so that may be one solution.

--
R



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message