Date: Wed, 10 May 2000 04:10:08 -0700 (PDT) From: Ruslan Ermilov <ru@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/18354: NATD diverts DMZ packets to firewall host Message-ID: <200005101110.EAA51006@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/18354; it has been noted by GNATS. From: Ruslan Ermilov <ru@FreeBSD.org> To: "Lowkrantz, Goran" <Goran.Lowkrantz@infologigruppen.se> Cc: "'Brian Somers'" <brian@Awfulhak.org>, freebsd-gnats-submit@FreeBSD.org, Charles Mott <cmott@scientech.com>, Eivind Eklund <perhaps@yes.no>, Ari Suutari <ari@suutari.iki.fi> Subject: Re: bin/18354: NATD diverts DMZ packets to firewall host Date: Wed, 10 May 2000 14:06:24 +0300 On Wed, May 10, 2000 at 08:40:43AM +0200, Lowkrantz, Goran wrote: > > OK. I understand. But I can't read this behavior from natd(8), as the 3d > para don't mension what happens if no match is found or the IP isn't that of > the firewall IF. If the current behavior is the intended, then it should be > documented. And as it's a change in behavior, somthing should be said about > it in the release notes. Was this patch given a HEADS UP? > > May I suggest somthing like this for natd(8)? > > Description - add to 3d para > > If no entry is found or the target IP is not the current machine, the packet > is modified to the IP number of the current machine. > The correct behaviour is already documented (see the -a option's description): : If no other action can be made, and if -deny_incoming is not specified, : the packet is delivered to the local machine and port as specified in : the packet. I will restore this behaviour in a day or two. Cheers, -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005101110.EAA51006>