Date: Tue, 14 Jan 1997 09:48:25 +1100 (EDT) From: Darren Reed <avalon@coombs.anu.edu.au> To: tinguely@plains.nodak.edu (Mark Tinguely) Cc: hackers@FreeBSD.org Subject: Re: IPFILTER Message-ID: <199701132248.OAA12046@freefall.freebsd.org> In-Reply-To: <199701132218.QAA13145@plains.nodak.edu> from "Mark Tinguely" at Jan 13, 97 04:18:34 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Mark Tinguely, sie said: > > > > Also, to get a successful remapping for IP application, be sure that you > > > turned on the IP forwarding on the NAT host (ie: > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > ). > > > > even better, for things like ftp which have address data in the TCP stream, > > use a proxy. > > net.inet.ip.forwarding tells FreeBSD it is a IP router and that it should > forward packets from one interface to another. NAT translates the IP packet > but FreeBSD will eat the translate packet unless told to forward it. You, generally, need ip.forwarding set anyway in this kind of setup where FreeBSD is routing (forwarding) the packet onward to a final destination, irrespective of NAT being present. Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701132248.OAA12046>