From owner-freebsd-questions@FreeBSD.ORG  Fri Jul 23 18:43:40 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 068271065675
	for <freebsd-questions@freebsd.org>;
	Fri, 23 Jul 2010 18:43:40 +0000 (UTC)
	(envelope-from norgaard@locolomo.org)
Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es
	[85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id A63EC8FC1F
	for <freebsd-questions@freebsd.org>;
	Fri, 23 Jul 2010 18:43:39 +0000 (UTC)
Received: from beta.local (unknown [89.204.153.252])
	by mail.locolomo.org (Postfix) with ESMTPSA id 3BFA01C0871;
	Fri, 23 Jul 2010 20:43:34 +0200 (CEST)
Message-ID: <4C49E2CD.7020607@locolomo.org>
Date: Fri, 23 Jul 2010 20:43:25 +0200
From: Erik Norgaard <norgaard@locolomo.org>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
	rv:1.9.2.4) Gecko/20100608 Lightning/1.0b2 Thunderbird/3.1
MIME-Version: 1.0
To: google@alexus.org
References: <AANLkTilVTo36Fzdh2DKAQhRjyDj8MNUuV9dhwvQ7Gf-V@mail.gmail.com>	<AANLkTinh0CykJ1Av3f2THPDFOLS0YtYLDvRMHXm_wD3w@mail.gmail.com>	<4C3F91CF.5090206@locolomo.org>	<AANLkTin6hYyHiG8taifkNHPBtKI0rKOkAaGRYodV1LLC@mail.gmail.com>	<4C419944.8030702@locolomo.org>	<AANLkTin8H47Z7suztGnWpa8fm-XIagQ6vzlxP85OIT-B@mail.gmail.com>	<4C447F7F.6020308@locolomo.org>	<AANLkTinM1E2Obrs8VqSsm3S_jcXqbw_Q1YLkc51tgJsS@mail.gmail.com>	<4C45D57F.2020506@locolomo.org>	<AANLkTinXjSXlL59mVU5bh-cIqxwHg5C3pgOsA7tcqFMk@mail.gmail.com>	<4C45F0F1.7010609@locolomo.org>	<AANLkTimFKATt4_4umseRhcrDl7BLkOuNvOfuXIGHrdJB@mail.gmail.com>
	<AANLkTi=ZmiRB=43xQEpJjZpeDBCRwf61W_-Sbbm8oaZt@mail.gmail.com>
In-Reply-To: <AANLkTi=ZmiRB=43xQEpJjZpeDBCRwf61W_-Sbbm8oaZt@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: alexus <alexus@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: ipnat.conf - map and rdr won't work!
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jul 2010 18:43:40 -0000

On 23/07/10 18.58, alexus wrote:

> i just did jail on public ip where i dont need to use ipnat, so
> obviously that works fine no problem
> not really what i wanted though but as a temporary fix its fine...

With all respect, I think you should start liking this solution, because 
for all I understand, this is the right solution.

If external access to the jail was otherwise through rdr, there is 
really no benefit at all, securitywise or otherwise. But allowing the 
jail to bind directly on the ip that external clients connect to you get 
simplicity and ease of configuration.

BR, Erik