From owner-freebsd-questions Sat Aug 17 9:45: 5 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B34A37B400 for ; Sat, 17 Aug 2002 09:45:03 -0700 (PDT) Received: from smtp.a1poweruser.com (oh-chardon6a-62.clvhoh.adelphia.net [68.65.175.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id D972543E4A for ; Sat, 17 Aug 2002 09:45:02 -0700 (PDT) (envelope-from barbish@a1poweruser.com) Received: from barbish (lanwin1 [10.0.10.6]) by smtp.a1poweruser.com (Postfix) with SMTP id 94078295; Sat, 17 Aug 2002 12:49:05 -0400 (EDT) Reply-To: From: "JoeB" To: "Roger 'Rocky' Vetterberg" Cc: "FBSDQ" Subject: RE: IPNAT & IPFW Date: Sat, 17 Aug 2002 12:45:00 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <3D5E76C9.7000206@401.cx> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Yes I am aware of the general information you provided. My question deals with how to make this happen. Can you provide insight on who gets control first, Dynamically loaded ipnat or kernel ipfw? -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Roger 'Rocky' Vetterberg Sent: Saturday, August 17, 2002 12:16 PM To: barbish@a1poweruser.com Cc: FBSDQ Subject: Re: IPNAT & IPFW JoeB wrote: > I have ipfw compiled into the kernel and activate ipnat in the rc.conf. > Boot says ipnat dynamically loaded, But testing shows no NAT on > LAN machines. > > Yes I know IPFW has natd function, but it does not function correctly > with keep-state rules, so I want to do NAT function outside of IPFW. > > What is the correct configuration to use IPNAT for the NAT function and > IPFW for the firewall? Does anybody have this variation working? > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message You need ipfilter to use ipnat. Ipfw uses natd. You can have both ipfilter and ipfw running on the same machine, so that may be one solution. -- R To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message