Date: Sat, 15 Mar 2008 21:16:12 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: Razmig K <strontium90@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: IPFW with user-ppp's NAT Message-ID: <20080316021612.GB4295@dan.emsphone.com> In-Reply-To: <47DC503D.7020008@gmail.com> References: <47DC503D.7020008@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Mar 16), Razmig K said: > With IPFW enabled in the kernel, I'd like to use the NAT functionality of > user-ppp instead of natd. Do I need the IPDIVERT option in the kernel and > the special arrangement of divert and skipto rules in the ruleset? Or, a > non-NATed ruleset (as demonstrated in handbook section 28.6.5.6) would > suffice? > > If divert rules are necessary, what argument do I need to pass to action > divert in place of natd? If you mean the "nat enable yes" option in ppp.conf, that is done completely within the user-ppp daemon (using the same libalias libarary that natd uses). Since user-ppp creates its own tun# device, it can call the NAT functions as it processes packets to/from that device without needing IPFW divert rules. -- Dan Nelson dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080316021612.GB4295>