Date: Mon, 13 May 2002 12:51:25 +0200
From: "Max Clements" <clementsm@swistgroup.com>
To: <questions@freebsd.org>
Subject: IPFW with NATD question...
Message-ID: <DEC925D2FB9081448C3D6EC26E85868C02D594@steinmail.swistgroup.com>

I have IPFW running as my firewall to the 'net with natd for the translation.

Problem is, using natd with the divert socket to divert all traffic to natd, you end up with a situation where you cannot use stateful rules (at least I can't figure a way out). As an example:

Say an inside machine 192.168.1.10 connects to the outside world via IPFW, with a public address of 196.6.128.200. If I log the connection verbosely I see the following:

Tcp outgoing from 196.6.128.200 - outside host:port
for the outgoing packets of the connection, and

Tcp incoming from outside host:port to 192.168.1.10
(which is the inside address)

Obviously the stateful rule misses the incoming packets with different destination addresses; consequently the connection fails.

Any suggestions?

Regards
Max
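
An added example, not part of the original message and not ipfw or natd code: a simplified Python model of the mismatch described above, in which the state entry is recorded from the translated outbound packet while the reply is checked after natd has rewritten its destination. The outside host address, the ports, the assumption that natd keeps the source port, and the function names are all constructed for illustration; the flag also shows the generalization that only the address view the state rule sees decides whether the reply matches.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

INSIDE, PUBLIC = "192.168.1.10", "196.6.128.200"  # addresses from the message
OUTSIDE = "203.0.113.5"                           # constructed outside host


def nat_out(p):
    """natd on the way out: private source becomes the public address."""
    return p._replace(src=PUBLIC) if p.src == INSIDE else p


def nat_in(p):
    """natd on the way in: public destination becomes the private address."""
    return p._replace(dst=INSIDE) if p.dst == PUBLIC else p


def flow_key(p):
    """Direction-independent key, standing in for a dynamic state entry."""
    return frozenset([(p.src, p.sport), (p.dst, p.dport)])


def connection_survives(state_sees_translated_outbound):
    """Pass one outbound packet and its reply through divert + state rules.

    Inbound, the state check runs after natd has rewritten the destination,
    which is what the verbose log in the message shows.
    """
    states = set()
    out_pkt = Packet(INSIDE, 40000, OUTSIDE, 80)
    seen_out = nat_out(out_pkt) if state_sees_translated_outbound else out_pkt
    states.add(flow_key(seen_out))               # the stateful rule records this view

    reply = Packet(OUTSIDE, 80, PUBLIC, 40000)   # reply as it arrives on the wire
    seen_in = nat_in(reply)                      # diverted to natd first
    return flow_key(seen_in) in states, seen_out, seen_in


if __name__ == "__main__":
    for translated in (True, False):
        ok, o, i = connection_survives(translated)
        print(f"state recorded on translated outbound={translated}: match={ok}")
        print(f"  outbound seen by state rule: {o.src} -> {o.dst}")
        print(f"  inbound  seen by state rule: {i.src} -> {i.dst}")
```
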