From owner-freebsd-questions Mon Jan 13 11:40:23 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2690337B484 for ; Mon, 13 Jan 2003 11:40:20 -0800 (PST) Received: from smtp.a1poweruser.com (oh-chardon6a-34.clvhoh.adelphia.net [68.169.105.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 74F6A43F65 for ; Mon, 13 Jan 2003 11:40:19 -0800 (PST) (envelope-from barbish@a1poweruser.com) Received: from barbish (unknown [10.0.10.6]) by smtp.a1poweruser.com (Postfix) with SMTP id E82AFF8 for ; Mon, 13 Jan 2003 14:47:59 -0500 (EST) Reply-To: From: "JoeB" To: "FBSDQ" Subject: execution sequance of IPFW/IPFILTER when used together Date: Mon, 13 Jan 2003 14:40:18 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Informational post for the archives From lists-freebsd@silverwraith.com who wrote We actually found it goes: Internal private Net -> NIC -> IPF+NAT -> IPFW -> Public internet World Public internet World -> IPF+NAT -> IPFW -> NIC -> Internal Private net Suffice to say, IPF+NAT always sees the packets first This is way to use ipfilter to perform the nat function and ipfw dummynet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message