From owner-freebsd-questions  Thu Jul 19  7:17:39 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from cartman.techsupport.co.uk (cabletel1.cableol.net [194.168.3.4])
	by hub.freebsd.org (Postfix) with ESMTP id AAE8B37B419
	for <freebsd-questions@freebsd.org>; Thu, 19 Jul 2001 07:17:16 -0700 (PDT)
	(envelope-from ceri@techsupport.co.uk)
Received: from ceri by cartman.techsupport.co.uk with local (Exim 3.31 #1)
	id 15NEdQ-0000ia-00; Thu, 19 Jul 2001 15:18:36 +0100
Date: Thu, 19 Jul 2001 15:18:36 +0100
From: Ceri <ceri@techsupport.co.uk>
To: User & Ian Patrick Thomas <ipthomas_77@yahoo.com>
Cc: freebsd-questions@freebsd.org, marcs@draenor.org
Subject: Re: ppp -nat or natd?
Message-ID: <20010719151836.B28635@cartman.techsupport.co.uk>
References: <014d01c10ebc$fe3ee5e0$0200a8c0@mark2> <3B554F28.89960778@i-clue.de> <20010718122504.C22510@cartman.techsupport.co.uk> <20010718191915.C51074@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010718191915.C51074@localhost>; from ipthomas_77@yahoo.com on Wed, Jul 18, 2001 at 07:19:15PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Wed, Jul 18, 2001 at 07:19:15PM -0400, User & Ian Patrick Thomas said:
> As it was put forth by Ceri on Wed, Jul 18, 2001 at 12:25:04PM +0100...
> > On Wed, Jul 18, 2001 at 10:56:08AM +0200, Christoph Sold said:
> > > Anyhow, having an external dynamic IP combined with ipfw would be a
> > > major hassle.
> >  
> > Why ?
> > Can't you just use the -u and -dynamic flags to natd and use the interface
> > name in your ipfw ruleset ?
> > 
> > I'm not having a go, but I'm going to be in this situation soon and that was
> > my plan.  Will it not work ?
> > 
> 	You can use ipfw fairly easily with a dynamic IP externally.  Check out
> this link
> 
> www.freebsd.org/tutorials/dialup-firewall/index.html

Excellent, that's pretty much exactly what I had planned (except for the
PPP bit - this is going to be on a cable modem).
I just got a freaked out when Christoph said it was hassle.

By the way, the section regarding options TCP_RESTRICT_RST needs updating as
that option no longer exists (hence cc'd to marcs@draenor.org).

Ceri

-- 
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message