From: Rob
Date: Fri, 09 Apr 2004 15:33:27 +0900
To: freebsd-questions@freebsd.org
Subject: FreeBSD router: Can my internet provider detect my home network?
Message-ID: <407643B7.3080308@users.sourceforge.net>

Hi,

I plan to have a FreeBSD (4.9 stable) system serving as a router between my provider and a set of my home computers connected via a home network. My provider does not really like this, but I don't care so much, as long as s/he cannot detect (too easily) my home network.

My plan is to use the following setup in my rc.conf:

    gateway_enable="YES"
    natd_enable="YES"
    natd_interface="rl0"
    firewall_enable="YES"
    firewall_type="open"

(with, of course, the proper options compiled into the kernel).

Is it correct that the combination of firewall and natd diverts all requests and thus hides the home network from my provider? Are requests from all other networked home PCs done on behalf of the router, so that my provider will only see requests from my router? Or do I need some better (firewall?) configuration for this?

Thanks,
Rob.