Date: Wed, 02 Jun 2004 15:33:58 -0700 From: OpenMacNews <freebsd-ipfw.20.openmacews@spamgourmet.com> To: freebsd-ipfw <freebsd-ipfw@freebsd.org> Subject: does NATd _prevent_ use of stateful ipfw rules w/ keep-state? Message-ID: <DAC6B2F195AD44196B3A03F5@[172.30.11.6]>
next in thread | raw e-mail | index | archive | help
In continued digging for some guidance w.r.t. my earlier post, I came across the following list comment ...
> The real show stopper is ipfw with stateful rules using the 'keep state'
> option does not work when used with the divert/nated legacy sub-routine.
> What this means is ipfw with stateful rules can only be used if
> 'user ppp -nat' is how you connect to the public internet.
Is this in fact true?
If using NATd, am I relegated to a _static_ ruleset, w/ no ability to use stateful rules?
Richard
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DAC6B2F195AD44196B3A03F5>