From owner-freebsd-ipfw Thu Oct 3 22: 9:22 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CF9237B401 for ; Thu, 3 Oct 2002 22:09:21 -0700 (PDT) Received: from mta1.srv.hcvlny.cv.net (mta1.srv.hcvlny.cv.net [167.206.5.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C40443E6E for ; Thu, 3 Oct 2002 22:09:21 -0700 (PDT) (envelope-from agapon@excite.com) Received: from edge.foundation.invalid (ool-182f90f3.dyn.optonline.net [24.47.144.243]) by mta1.srv.hcvlny.cv.net (iPlanet Messaging Server 5.2 HotFix 0.9 (built Jul 29 2002)) with ESMTP id <0H3F00MHVYC1EN@mta1.srv.hcvlny.cv.net> for freebsd-ipfw@freebsd.org; Fri, 04 Oct 2002 01:09:38 -0400 (EDT) Received: from localhost (localhost.foundation.invalid [127.0.0.1]) by edge.foundation.invalid (8.12.3/8.12.3) with ESMTP id g9459Ji0045910; Fri, 04 Oct 2002 01:09:19 -0400 (EDT envelope-from agapon@excite.com) Date: Fri, 04 Oct 2002 01:09:19 -0400 (EDT) From: Andriy Gapon Subject: Re: Natd plus statefull connections impossible? [correction!] X-X-Sender: avg@edge.foundation.invalid To: Georg Graf Cc: freebsd-ipfw@freebsd.org Message-id: <20021004010449.O45826-100000@edge.foundation.invalid> MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Content-transfer-encoding: 7BIT Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG correction: in the more complex set, rules like: allow tcp from any to 192.168.1.12 NNN in via rl0 setup should be stateful: allow tcp from any to 192.168.1.12 NNN in via rl0 setup keep-state sorry lost it during copying. -- Andriy Gapon * "I do not know myself, and God forbid that I should." Johann Wolfgang von Goethe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message