Date: Wed, 09 Feb 2011 21:34:04 +1000 From: Da Rock <freebsd-questions@herveybayaustralia.com.au> To: freebsd-questions@freebsd.org Subject: Re: pf, binat, rdr, and one ip Message-ID: <4D527BAC.3080805@herveybayaustralia.com.au> In-Reply-To: <20110209111646.GD3267@catflap.slightlystrange.org> References: <4D515148.3000009@herveybayaustralia.com.au> <20110208151849.GC3267@catflap.slightlystrange.org> <4D51CD05.8040003@herveybayaustralia.com.au> <20110209111646.GD3267@catflap.slightlystrange.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/09/11 21:16, Daniel Bye wrote: > On Wed, Feb 09, 2011 at 09:08:53AM +1000, Da Rock wrote: > >> On 02/09/11 01:18, Daniel Bye wrote: >> >>> On Wed, Feb 09, 2011 at 12:20:56AM +1000, Da Rock wrote: >>> >>> >>>> A very quick question. >>>> >>>> PF firewall. One static public IP. About 6 servers on the internal >>>> network (dmz). One server binat in the pf.conf, the rest redirected. >>>> >>>> Possible? Or would it die in the hole? >>>> >>>> >>> I guess you're concerned about performance and resource usage? If so, this >>> may be helpful. >>> >>> http://www.openbsd.org/faq/pf/perf.html >>> >>> Dan >>> >>> >> Useful info to have, thanks. But no, I'm interested in if the binatting >> will interfere with the rdr's (or vice versa). >> > Ah, I see. I don't know, is the straight answer - I've never needed to use > both together. A bit of idle googling seems to suggest it's possible, but > I don't have time right now to dig any deeper. > Thats exactly what I got too. Nothing definitive to go on. Apparently not a very common arrangement. It *seems* to be working, but there are some weird quirks I can't quite account for. Hence the question to the guys who'd know... :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D527BAC.3080805>