Date: Sun, 7 Dec 2003 10:02:45 -0500 From: "fbsd_user" <fbsd_user@a1poweruser.com> To: "Michael Lopez" <bsdfreakish@yahoo.com>, <freebsd-ipfw@freebsd.org> Subject: RE: ipfw + natd + ppp Message-ID: <MIEPLLIBMLEEABPDBIEGKEMNEPAA.fbsd_user@a1poweruser.com> In-Reply-To: <20031207051920.87731.qmail@web20725.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
FYI IPFW and stateful rules has an long time bug when used with IPFW's built in NATD function. User ppp has it's own NAT function. You are much better off using User ppp and it's built in NAT function and IPFW without the divert rule. On the other hand FBSD also has an second firewall called IPFILTER and it has it's own NAT function called IPNAT. Both IPFW and IPFILTER come embedded in FBSD as part of the install. IPFW is authored by the FBSD project and as such it gets unfair preferred treatment in the FBSD handbook. The handbook leads the reader into believing IPFW is the only firewall FBSD has to offer. IPFW is targeted at the professional and the home power user, not the newbe. IPFW is loaded with code bloat and is getting worse now that it has been rewritten as IPFW2 and the bug was not fixed because it's in the NATD module and that was not rewritten. IPFW is not user friendly and IPFILTER is much more user friendly and it's stateful rules work without any problems. People who are members of the IPFW maintenance team tell me the MATD module code is an can of worms and nobody wants to touch it. If you decide to use IPFILTER I can point you to an very good how-to. And as a side note in FBSD 4.9 the ports collection has an new port added for the IPF firewall. So you really have 3 chooses of firewall software. I have not tested the IPF port so I have no comments on it yet. -----Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org]On Behalf Of Michael Lopez Sent: Sunday, December 07, 2003 12:19 AM To: freebsd-ipfw@freebsd.org Subject: ipfw + natd + ppp Hello all, I was wondering if you guys have a good URL for ipfw + ppp (dial up) + natd for private network (exp: 192.168.0.0) tutorials or resources ? I tried to search at google.com/bsd but hardly can't find a good one for dial up (also tried freebsd.org ; defcon.org ; freebsddiaries ; freebsdhowtos) thank you. --------------------------------- Do you Yahoo!? Free Pop-Up Blocker - Get it now _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGKEMNEPAA.fbsd_user>