From owner-freebsd-questions@FreeBSD.ORG Mon Feb 8 15:39:15 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 84C27106566B for ; Mon, 8 Feb 2010 15:39:15 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) by mx1.freebsd.org (Postfix) with ESMTP id 3F47B8FC18 for ; Mon, 8 Feb 2010 15:39:14 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.3/8.14.3) with ESMTP id o18FdEGE099706; Mon, 8 Feb 2010 08:39:14 -0700 (MST) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.3/8.14.3/Submit) with ESMTP id o18FdEK2099703; Mon, 8 Feb 2010 08:39:14 -0700 (MST) (envelope-from wblock@wonkity.com) Date: Mon, 8 Feb 2010 08:39:14 -0700 (MST) From: Warren Block To: John In-Reply-To: <20100208075855.A20993@starfire.mn.org> Message-ID: References: <20100208075855.A20993@starfire.mn.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (wonkity.com [127.0.0.1]); Mon, 08 Feb 2010 08:39:14 -0700 (MST) Cc: freebsd-questions@freebsd.org Subject: Re: Can loader.conf give you NATD support? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Feb 2010 15:39:15 -0000 On Mon, 8 Feb 2010, John wrote: > The natd man page says it is still necessary to create a customer > kernl with > > options IPFIREWALL > options IPDIVERT > > Is that still true, or can it be accomplished vi a loader.conf? It's a kernel option, so you probably can't do it at runtime. Consider using pf instead of ipfw. pf does NAT without needing natd or those kernel options. -Warren Block * Rapid City, South Dakota USA