Date:      Thu, 29 Dec 2005 18:05:05 -0600
From:      Greg Barniskis <nalists@scls.lib.wi.us>
To:        "Chris S. Wilson" <cswilson@ordizmelby.com>
Cc:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: NATD Internal Network problems
Message-ID:  <43B479B1.6000605@scls.lib.wi.us>
In-Reply-To: <C8DFE22B48199443918D30E52F1AD2CC3FED7B@omaserver.oma.local>
References:  <C8DFE22B48199443918D30E52F1AD2CC3FED7B@omaserver.oma.local>

Chris S. Wilson wrote:
> Weird, every other router I've used forwards all the packets properly,
> even my backup Linksys when I hook it up.

Probably works there because there's not a very complex packet 
filtering operation in the middle when using an off-the-shelf router.

Keep in mind that I'm speaking from distant memory. What you 
describe doesn't work for me, never did, and I know it's been talked 
about on this list as being an undesirable thing to do anyway, given 
that there are better alternatives than torturing your packets.

You can possibly make FreeBSD do what you want, but (IIRC) it's 
going to take some ipfw wizardry, or whatever you're using to drive 
packets into natd. Also, I believe the result of that is that you'd 
have to create a less secure set of rules about what is permitted to 
pass. In other words, the real reason this doesn't work is that as a
best practice, it shouldn't.

-- 
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348


