Date: Thu, 8 Dec 2016 09:03:53 +0000 From: Matt Smith <matt.xtaz@gmail.com> To: Warren Block <wblock@wonkity.com> Cc: Polytropon <freebsd@edvax.de>, byrnejb@harte-lyne.ca, freebsd-questions@freebsd.org Subject: Re: FreeBSD Firewalls Message-ID: <20161208090353.GD2691@gmail.com> In-Reply-To: <alpine.BSF.2.20.1612071721550.5616@wonkity.com> References: <5bed7716cd0c9f56e7fe73e86d0cde45.squirrel@webmail.harte-lyne.ca> <alpine.BSF.2.20.1612071450340.5616@wonkity.com> <20161207231046.504c2a61.freebsd@edvax.de> <alpine.BSF.2.20.1612071721550.5616@wonkity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 07 17:23, Warren Block wrote: > >For me, it was that PF was easier to configure, certainly for simple >things. I'm told IPFW has improved since then, and NAT is now better. I've always used IPFW, see no reason to change to something else. But yes NAT is now a lot better. It moved to in-kernel NAT and the syntax that I now use is like this: ipfw nat 1 config if re0 same_ports ipfw add nat 1 ip4 from not me to any out via re0 ipfw add nat 1 ip4 from any to me in via re0 -- Matt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20161208090353.GD2691>