From owner-freebsd-net Tue May 1 14:59:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from CPE-61-9-164-106.vic.bigpond.net.au (CPE-61-9-166-240.vic.bigpond.net.au [61.9.166.240]) by hub.freebsd.org (Postfix) with ESMTP id 82AB637B422 for ; Tue, 1 May 2001 14:59:29 -0700 (PDT) (envelope-from darrenr@reed.wattle.id.au) Received: (from root@localhost) by CPE-61-9-164-106.vic.bigpond.net.au (8.11.0/8.11.0) id f41LwqV21782; Wed, 2 May 2001 07:58:52 +1000 (EST) From: Darren Reed Message-Id: <200105012158.HAA22701@avalon.reed.wattle.id.au> Subject: Re: The future of ALTQ, IPsec & IPFILTER playing together ... In-Reply-To: <3AEF2007.5968E10D@aurora.regenstrief.org> from Gunther Schadow at "May 1, 1 08:43:51 pm" To: gunther@aurora.regenstrief.org (Gunther Schadow) Date: Wed, 2 May 2001 07:58:27 +1000 (EST) Cc: larse@ISI.EDU, snap-users@kame.net, freebsd-net@freebsd.org, ipfilter@coombs.anu.edu.au, altq@csl.sony.co.jp X-Mailer: ELM [version 2.4ME+ PL37 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some email I received from Gunther Schadow, sie wrote: [...] > As an added benefit, the two network interfaces tun0 and fxp0 allow > me to cope with the limited power of IPFILTER's NAT rules (as compared > to IPFW). What is so limiting about NAT in IPFilter ? AFAIK, apart from packet matching capability, IPFilter NAT kicks ass over ipfw or am I wrong ? Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message