From owner-freebsd-stable@FreeBSD.ORG Mon Jul 31 07:38:43 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 364C116A4DD for ; Mon, 31 Jul 2006 07:38:43 +0000 (UTC) (envelope-from fydernix@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A27A43D46 for ; Mon, 31 Jul 2006 07:38:42 +0000 (GMT) (envelope-from fydernix@gmail.com) Received: by ug-out-1314.google.com with SMTP id m2so651485uge for ; Mon, 31 Jul 2006 00:38:41 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=P7wrwADWgSsM5cn5GPm+xYVTrOOwBrhKcGTiNxSBn1tMrH8he/lNRPorvmt9eAatsVBh1mJA9E5rN6Rx5OpgHnphsG+cSrstlgs736LyD0I7ZcRScFpbA3X3jUbe/5VZ6J1YxySJQi/AmZspB3Q7UrihMdpl8rpR6Okpc2v9iFw= Received: by 10.78.120.6 with SMTP id s6mr435568huc; Mon, 31 Jul 2006 00:38:41 -0700 (PDT) Received: by 10.78.126.2 with HTTP; Mon, 31 Jul 2006 00:38:41 -0700 (PDT) Message-ID: Date: Mon, 31 Jul 2006 03:38:41 -0400 From: "SigmaX asdf" To: "Igor Robul" In-Reply-To: <20060729191915.GA11595@sysadm.stc> MIME-Version: 1.0 References: <20060729070410.GD8063@sysadm.stc> <20060729191915.GA11595@sysadm.stc> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-stable@freebsd.org Subject: Re: Gateway X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Jul 2006 07:38:43 -0000 I take it firewall_type="OPEN" does not include the divert rule? The handbooks reads "The kernel source needs 'option divert' statement added to the other IPFIREWALL statements compiled into a custom kernel." Is this still the case in FreeBSD 6.1? Or am I covered by the IPDIVERT module or something? SigmaX On 7/29/06, Igor Robul wrote: > > On Sat, Jul 29, 2006 at 01:42:41PM -0400, SigmaX asdf wrote: > > >^^^^^^^^^^^^^^^^^^^ > > >Should be natd_enable="YES" > > > > > > Heh; yeah, typo in my post. The file has it ok. Is there something I > have > > to do to specify the interfaces which have nat enabled? Does > natd_enable > > automatically forward any/every packet to any/every interface? > Personally I use ipfilter, but for ipfw/natd you need to specify > "divert" rule. You can find many examples, including ones in FreeBSD > handbook. >