Date: Tue, 4 Feb 2003 08:00:46 +0200 (EET) From: Emilian Ursu <loman@cluj.astral.ro> To: Mikhail Teterin <mi@corbulon.video-collage.com> Cc: Barry Irwin <bvi@itouchlabs.com>, net@FreeBSD.ORG Subject: Re: Does natd(8) really need to see _all_ packets? Message-ID: <Pine.BSF.4.44_heb2.09.0302040759540.311-100000@void.cluj.astral.ro> In-Reply-To: <200302040540.h145evwa062764@corbulon.video-collage.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 4 Feb 2003, Mikhail Teterin wrote: > > your best solution is to add a skipto before the divert rule. > > Thank you, Barry, but is not that what I'm doing in the sample? > > > You can therefore skip any traffic from a private address to another > > private address. Anything not matched by the skipto rule gets fed to > > the divert socket. > > The trick was to figure out, what could be skipped, and what could not. > I'm wondering, if I got that right -- it seems to work find, but does it > leave something open? Before I can recommend it to others, I'd like to > be more sure :-) > see the example from man firewall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.44_heb2.09.0302040759540.311-100000>