Date: Mon, 13 Jan 2003 18:03:32 -0600 From: Stephen Hilton <nospam@hiltonbsd.com> To: freebsd-questions@FreeBSD.ORG Cc: barbish@a1poweruser.com Subject: Re: execution sequance of IPFW/IPFILTER when used together Message-ID: <20030113180332.20ad7484.nospam@hiltonbsd.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGIEFODDAA.barbish@a1poweruser.com> References: <MIEPLLIBMLEEABPDBIEGIEFODDAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 13 Jan 2003 14:40:18 -0500 "JoeB" <barbish@a1poweruser.com> wrote: > Informational post for the archives > > From lists-freebsd@silverwraith.com who wrote > We actually found it goes: > > Internal private Net -> NIC -> IPF+NAT -> IPFW -> Public internet > World > > Public internet World -> IPF+NAT -> IPFW -> NIC -> Internal Private > net > > > Suffice to say, IPF+NAT always sees the packets first > > This is way to use ipfilter to perform the nat function and ipfw > dummynet There was also some comments regarding this sequence changing depending on whether IPF or IPFW are compiled in the kernel or loaded as modules, does this have any affect on this rule ? Regards, Stephen Hilton nospam@hiltonbsd.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030113180332.20ad7484.nospam>