From owner-freebsd-net Tue Aug 1 10: 0:21 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail.rdc1.il.home.com (ha1.rdc1.il.home.com [24.2.1.66]) by hub.freebsd.org (Postfix) with ESMTP id 2F19437BF9C for ; Tue, 1 Aug 2000 10:00:17 -0700 (PDT) (envelope-from stephen@math.missouri.edu) Received: from math.missouri.edu ([24.12.197.197]) by mail.rdc1.il.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20000801170014.EEFP21928.mail.rdc1.il.home.com@math.missouri.edu>; Tue, 1 Aug 2000 10:00:14 -0700 Message-ID: <39870232.F1E1C38C@math.missouri.edu> Date: Tue, 01 Aug 2000 12:00:34 -0500 From: Stephen Montgomery-Smith X-Mailer: Mozilla 4.74 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Ruslan Ermilov Cc: Gregory Bond , net@FreeBSD.org Subject: Re: conf/20197: rc.firewall with firewall_type=simple doesn't work with natd References: <200007262240.PAA88875@freefall.freebsd.org> <20000731190439.A75240@sunbay.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I think that rc.firewall should serve two purposes: 1) In as much as possible, it should work right out of the box. 2) It should teach the newbie to firewalls - by looking at the code he/she should learn about firewalls (that's how I learned - a week ago I was a newbie - and actually still am). I think Ruslan Ermilov's suggested patch succeeds admirably in both these respects. The change of position of the natd command is clear, and should alert the reader that there is a reason for it. Perhaps the only change I would make is to keep a comment explaining briefly why the natd is positioned where it is. But I can understand if others feel it unnecessary. -- Stephen Montgomery-Smith stephen@math.missouri.edu http://www.math.missouri.edu/~stephen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message