Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 22 Feb 2002 03:10:14 -0800
From:      "Crist J. Clark" <cjc@FreeBSD.ORG>
To:        Joe & Fhe Barbish <barbish@a1poweruser.com>
Cc:        Drew Tomlinson <drew@mykitchentable.net>, FBSDQ <questions@FreeBSD.ORG>
Subject:   Re: Migrate from IPF to IPFW
Message-ID:  <20020222031014.N48401@blossom.cjclark.org>
In-Reply-To: <LPBBIGIAAKKEOEJOLEGOCEGFCIAA.barbish@a1poweruser.com>; from barbish@a1poweruser.com on Thu, Feb 21, 2002 at 06:46:23PM -0500
References:  <00a501c1aa82$e1d508f0$c42a6ba5@lc.ca.gov> <LPBBIGIAAKKEOEJOLEGOCEGFCIAA.barbish@a1poweruser.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 21, 2002 at 06:46:23PM -0500, Joe & Fhe Barbish wrote:
> Don't know how far you have gotten, but I just completed doing the same
> thing.  First thing is to remove the natd divert rule from your ipfw rules.
> Natd and ipfw were never designed to work together.

That's not really accurate. First there was ipfw(8). Then natd(8) was
created to work with ipfw(8) using divert(4) sockets. It was later
that 'keep-state' capabilities were added to ipfw(8), and it is
'keep-state' that is tricky to get to work with natd(8).
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020222031014.N48401>