From owner-freebsd-hackers Thu Apr 26 15: 6:14 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from 0z0ne.com (www.0z0ne.com [194.143.192.23]) by hub.freebsd.org (Postfix) with SMTP id 4CB2637B424 for ; Thu, 26 Apr 2001 15:06:07 -0700 (PDT) (envelope-from jesus@pasapues.com) Received: (qmail 91938 invoked by uid 1005); 26 Apr 2001 22:04:45 -0000 Received: from dynamic.193.es.encomix.com (HELO LAPTOP) (194.143.193.161) by www.0z0ne.com with SMTP; 26 Apr 2001 22:04:45 -0000 From: =?iso-8859-1?Q?Jes=FAs_Arn=E1iz?= To: , Subject: NAT and IPFiltering Date: Fri, 27 Apr 2001 00:07:47 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi! I'm configuring a server able to do NAT and IP FILTERING (IPF). What are the required options that I should set to the kernel? I have this: -- options IPFILTER options IPFILTER_LOG options IPFIREWALL options IPDIVERT --- but I'm not sure if IPFIREWALLING should be (I'm not going to use ipfw). On the other hand, I put this lines in /etc/rc.conf -- firewall_type="open" firewall_enable="NO" -- But everytime I boot I have to do: # ipfw -f flush # ipfw add pass all from any to any if I want to see other machines of my net. As I say, I wan to use IPFILTER but not ipfw, so what I'm supposed to do? Thanks in advance! -- Jesús Arnáiz 0z0ne Inc I+D/IT Manager http://www.0z0ne.com mailto:jesus@0z0ne.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message