From owner-freebsd-questions Tue Aug 11 02:05:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA03875 for freebsd-questions-outgoing; Tue, 11 Aug 1998 02:05:12 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from cyclops.xtra.co.nz (cyclops.xtra.co.nz [202.27.184.96]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA03863 for ; Tue, 11 Aug 1998 02:05:04 -0700 (PDT) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by cyclops.xtra.co.nz (8.9.1/8.9.1) with SMTP id VAA25925 for ; Tue, 11 Aug 1998 21:04:37 +1200 (NZST) Message-Id: <199808110904.VAA25925@cyclops.xtra.co.nz> From: "Dan Langille" Organization: DVL Software Limited To: FreeBSD Questions Date: Tue, 11 Aug 1998 21:04:10 +1200 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: ipfw and natd Reply-to: junkmale@xtra.co.nz X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm using ifpw and natd. In order for natd to work, the following rule must be present somewhere within the ipfw rules. divert natd ip from any to any via ed0 (or whatever your external nic is if it's not ed0). Where should that rule be placed in relationship to other rules? At the top, at the bottom? I used to have it as the last rule (before the deny all rule). But an example I just found (http://www.metronet.com/~pgilley/freebsd/ipfw/ben2.html) has this rule at the top. I'm confused. I thought you'd want to disallow stuff before allowing the natd stuff. Or am I mucked up? -- Dan Langille DVL Software Limited http://www.dvl-software.com/freebsd : my [mis]adventures To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message