From owner-freebsd-questions Fri Mar 9 19:18:52 2001
Date: Fri, 9 Mar 2001 22:18:45 -0500 (EST)
From: "G. Jason Middleton"
To: Andrew Hesford
Subject: Re: NAT without a firewall.
In-Reply-To: <20010309211436.A564@cec.wustl.edu>

So what is the next best solution? Running squid or another proxy server?

On Fri, 9 Mar 2001, Andrew Hesford wrote:

> Well, you don't need a physical firewall, if that's what you're asking.
> However, you do need ipfirewall built into your kernel.
>
> Just starting natd will do nothing, because packets won't go looking for
> it on port 8668 if they aren't told to. Therefore, you need to use ipfw
> to establish a rule to divert all packets to port 8668 (aliased to
> 'natd' in /etc/services) as they come in on an interface.
>
> This is accomplished by adding the following rule:
>
>     ipfw add divert natd ip from any to any
>
> On Fri, Mar 09, 2001 at 10:07:29PM -0500, G. Jason Middleton wrote:
> > Can I run natd without firewall? I see all these instructions for
> > running a firewall and natd together. What options do I need in the
> > kernel and rc.conf just to run natd?
> --
> Andrew Hesford
> ajh3@chmod.ath.cx
>

G. Jason Middleton
_______________________________________________________________________________
Announcement: The revolution will not be televised.
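
An added example, not part of the original messages: the kernel and rc.conf settings that go with the divert rule quoted above, for running natd with a ruleset that filters nothing. The interface name fxp0 is an assumption; substitute the outside interface of the gateway.

```shell
# /etc/rc.conf fragment (sh syntax). Constructed example; fxp0 is an assumed
# name for the outside (Internet-facing) interface.
#
# Kernel prerequisites, set in the kernel configuration file, not here:
#   options IPFIREWALL   # ipfw itself
#   options IPDIVERT     # divert sockets, which natd reads packets from
# A kernel built with only these options denies all traffic until rules
# are loaded, so a ruleset must be present even if it filters nothing.

gateway_enable="YES"     # forward packets between interfaces
firewall_enable="YES"    # load ipfw rules at boot via /etc/rc.firewall
firewall_type="open"     # pass-everything ruleset: no filtering policy
natd_enable="YES"        # start natd at boot
natd_interface="fxp0"    # assumed outside interface; natd aliases to its address

# With natd_enable and natd_interface set, /etc/rc.firewall installs the
# divert rule ahead of the pass rule. The manual equivalent is:
#   ipfw add 50 divert natd all from any to any via fxp0
#   ipfw add 65000 pass all from any to any
# Restricting the divert rule with "via fxp0" keeps traffic that never
# crosses the outside interface from being handed to natd.
```

The "open" ruleset does address translation only; hosts behind the gateway are not directly addressable from outside, but the gateway itself is left unfiltered.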