Date: Fri, 26 Oct 2001 12:17:31 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Rob Simmons <rsimmons@wlcg.com> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: ipfw and ipf on one box Message-ID: <20011026121235.A10039-100000@cactus.fi.uba.ar> In-Reply-To: <20011026110215.O88733-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 26 Oct 2001, Rob Simmons wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > Has anyone had any luck getting dummynet to work with ipfilter? In LINT > it mentions that you need IPFIREWALL with dummynet. Can IPFILTER be > substituted? I am using dummynet and ipfilter together. I add "options IPFIREWALL", "options IPFIREWALL_DEFAULT_TO_ACCEPT" and "options DUMMYNET" in the kernel config and load ipl.ko to use the KLD version of IP Filter. Note this should work with the in kernel version too. That way, you use dummynet for traffic shaping and ipf for NAT/Filtering. Fer > > Robert Simmons > Systems Administrator > http://www.wlcg.com/ > > On Fri, 26 Oct 2001, Alexei Zakirov wrote: > > > On Fri, 26 Oct 2001, Nickolay A.Kritsky wrote: > > > > > Hi all. > > > > > > Has anybody an experience of concurrent work of ipfw and ipfilter on > > > one FreeBSD box? Is it possible? What will be the order of packets > > > > yes it's possible. I'm using this combination to get an in-kernel ipf NAT > > and ipfw working together. > > > > As I can see order is following: > > PKT -> (ipnat) -> (ipfilter) -> (ipfw) -> (bpf) -> INTERFACE OUT > > > > PKT <- (ipfw) <- (ipf) <- (ipnat) <- (bpf) <- INTERFACE IN > > > > *** WBR, Alexei Zakirov (frank@unshadow.net) > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (FreeBSD) > Comment: For info see http://www.gnupg.org > > iD8DBQE72Xuhv8Bofna59hYRA9ijAJ0aGDGrMsvh9jnRmkbnQTnlwvSRawCeJ6r0 > XLAzRWBJerVjsqsyKCjYJq4= > =YhIH > -----END PGP SIGNATURE----- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011026121235.A10039-100000>