Date: 08 Dec 2002 15:04:29 +0800 From: Khairil Yusof <kaeru@pd.jaring.my> To: questions@FreeBSD.org Subject: ipfw2 and natd Message-ID: <1039331069.99425.7.camel@daemon>
next in thread | raw e-mail | index | archive | help
--=-ueYHRV+u2IWs7EdCjTFX Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Didn't get an answer for this. Is it because it's supposed to be asked in freebsd-current? I've found that natd with ipfw2 breaks my simple ipfw rules in which state information is kept for new outgoing tcp packets: with 0,1.. as example rule numbers. 0 divert natd all from any to any via tun0 1 allow tcp from any to any out xmit tun0 setup 2 allow tcp from any to any via tun0 established 3 allow icmp from any to any 0 is ok 1 is ok 3 is ok but 2 doesn't work. I read in the man, that natd might lose information that might cause rule 2 to break.=20 What's the proper way to do this with ipfw2? --=20 Khairil Yusof <kaeru@pd.jaring.my> --=-ueYHRV+u2IWs7EdCjTFX Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQA98u79DAqnLW/+/X8RAuf4AKCoE6t5RMCOvRNcCNNLXA2zF3g0HQCg8Ooi V2zVeqFzaEdWLNcoL5D9ymY= =CC36 -----END PGP SIGNATURE----- --=-ueYHRV+u2IWs7EdCjTFX-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1039331069.99425.7.camel>