Date: Fri, 9 Mar 2001 21:14:36 -0600
From: Andrew Hesford
To: "G. Jason Middleton"
Cc: freebsd-questions@freebsd.org
Subject: Re: NAT without a firewall.
Message-ID: <20010309211436.A564@cec.wustl.edu>

Well, you don't need a physical firewall, if that's what you're asking.
However, you do need ipfirewall built into your kernel.

Just starting natd will do nothing, because packets won't go looking for
it on port 8668 if they aren't told to. Therefore, you need to use ipfw
to establish a rule to divert all packets to port 8668 (aliased to
'natd' in /etc/services) as they come in on an interface. This is
accomplished by adding the following rule:

    ipfw add divert natd ip from any to any

On Fri, Mar 09, 2001 at 10:07:29PM -0500, G. Jason Middleton wrote:
> Can I run natd without firewall? I see all these instructions for
> running a firewall and natd together. What options do I need in the
> kernel and rc.conf just to run natd?

-- 
Andrew Hesford
ajh3@chmod.ath.cx
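
A way to check a ruleset for the divert rule discussed in this message, as an added example that is not part of the original thread: it reads `ipfw list` output and reports whether packets can actually reach natd and pass afterwards. It assumes ipfw's first-match evaluation, that packets re-injected by natd continue at the rule after the divert, and a final default-deny rule 65535; the interface name ed0 and all three rulesets are constructed.

```sh
#!/bin/sh
# Added example, not from the original post. Audits `ipfw list` output for the
# natd divert rule. All rulesets are constructed; ed0 is an assumed interface.

audit_natd_rules() {   # stdin: `ipfw list` output; stdout: one line of findings
    awk '
    $2 == "divert" && ($3 == "8668" || $3 == "natd") && !seen {
        seen = 1
        bound = ($0 ~ " (via|recv|xmit) ")    # limited to one interface?
        next
    }
    $2 ~ /^(allow|pass|permit|accept)$/ {
        if (seen) allow_after = 1             # re-injected packets can pass
        else if (NF == 7 && $3 ~ /^(ip|all)$/ && $5 == "any" && $7 == "any")
            shadow = $1                       # first match wins: natd bypassed
    }
    END {
        if (!seen) out = " NO_DIVERT"
        else {
            if (shadow != "")      out = out " SHADOWED_BY_" shadow
            else if (!allow_after) out = out " NOTHING_ALLOWED_AFTER_DIVERT"
            if (!bound)            out = out " NO_INTERFACE"
        }
        sub(/^ /, "", out)
        print (out == "" ? "OK" : out)
    }'
}

# Only the rule from the reply, on a kernel whose last rule is the default deny.
RULES_REPLY_ONLY='00100 divert 8668 ip from any to any
65535 deny ip from any to any'

# Divert bound to the outside interface, followed by an allow rule.
RULES_BOUND='00050 divert 8668 ip from any to any via ed0
65000 allow ip from any to any
65535 deny ip from any to any'

# An allow-all rule numbered below the divert rule.
RULES_SHADOWED='00040 allow ip from any to any
00050 divert 8668 ip from any to any via ed0
65535 deny ip from any to any'

for rules in "$RULES_REPLY_ONLY" "$RULES_BOUND" "$RULES_SHADOWED"; do
    printf '%s\n' "$rules" | audit_natd_rules
done
```

On a live system the input would be `ipfw list | audit_natd_rules`, with `OK` meaning a divert rule exists, is bound to an interface, and is followed by at least one allow rule.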