Date: Thu, 4 Jan 2001 18:58:14 -0600
From: "J. Chancey" <jerrjam@orbitworld.net>
To: <questions@freebsd.org>
Subject: IP Filter/IPNAT
Message-ID: <002001c076b2$98038e40$6e2359d8@jerrychancey>

I am a FreeBSD newbie (Windows background) attempting to use Release 4.2 as a home firewall. I have been collecting information about IP Filter and NATD and have become very confused.

What is the relationship between the IP addresses in the firewall ruleset and NATD? I would have thought that packets from the external network (Internet) would be translated, then the firewall ruleset would be applied. Packets from the internal network would be filtered by the firewall ruleset, then translated. In this manner the firewall ruleset would have rules containing the INTERNAL network IP addresses (among other addresses).

However, reading NATD(8) I find the following:

"After translation by natd, packets re-enter the firewall at the rule number following the rule number that caused the diversion (not the next rule if there are several at the same number)."

What?? When did the packets leave the firewall rules to go to natd? How does this affect the firewall rules?

Could you please help me understand the relationship among natd and IP Filter and the IP addresses used in the firewall rules?

Jerry Chancey