From owner-freebsd-security Wed Feb 16 7:43:57 2000 Delivered-To: freebsd-security@freebsd.org Received: from builder.freebsd.org (builder.FreeBSD.ORG [204.216.27.24]) by hub.freebsd.org (Postfix) with ESMTP id A003C37B649 for ; Wed, 16 Feb 2000 07:43:49 -0800 (PST) (envelope-from v0rbiz@ab-bg.net) Received: from ab-bg.net (ab-bg.net [212.56.11.129]) by builder.freebsd.org (Postfix) with SMTP id 37638132E4 for ; Wed, 16 Feb 2000 07:42:31 -0800 (PST) Received: (qmail 1239 invoked by uid 1000); 16 Feb 2000 15:33:35 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 16 Feb 2000 15:33:35 -0000 Date: Wed, 16 Feb 2000 17:33:35 +0200 (EET) From: Victor Ivanov To: freebsd-security@FreeBSD.ORG Subject: Re: IPFW or something else In-Reply-To: <38AA7830.33F0C22F@apse.cc.rtu.lv> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org IPFW *and* something else... I guess you need NAT. With Linux (with that thing 'ipchains' called 'firewall') you don't NAT, you masquerade. But it's NAT. ipfw does not change anything in the packets. It can divert them to another program (like natd) which can do the job. In any case, it is good and recommended to read the fine manual... I think there's an easy way to what you want from /etc/defaults/rc.conf look at the natd options (and maybe /stand/sysinstall can do this for you). Just enable natd and set the interface or address and next time you reboot it'll be ok. for ipf and ipnat there are manuals too To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message