From owner-freebsd-net  Mon May 31 14: 7: 3 1999
Delivered-To: freebsd-net@freebsd.org
Received: from homer.web-ex.com (homer.web-ex.com [209.54.66.254])
	by hub.freebsd.org (Postfix) with ESMTP id A351114A2E
	for <net@FreeBSD.ORG>; Mon, 31 May 1999 14:07:00 -0700 (PDT)
	(envelope-from jim@web-ex.com)
Received: from localhost (jim@localhost)
	by homer.web-ex.com (8.9.3/8.9.3) with ESMTP id SAA22245
	for <net@FreeBSD.ORG>; Mon, 31 May 1999 18:01:31 GMT
	(envelope-from jim@web-ex.com)
X-Authentication-Warning: homer.web-ex.com: jim owned process doing -bs
Date: Mon, 31 May 1999 18:01:31 +0000 (GMT)
From: Jim Cassata <jim@web-ex.com>
To: net@FreeBSD.ORG
Subject: Re: natd question
In-Reply-To: <199905311745.TAA19533@labinfo.iet.unipi.it>
Message-ID: <Pine.BSF.4.10.9905311800010.22215-100000@homer.web-ex.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> yes, i already did that, and in fact at least natd only sees useful
> pkts now. However there is still a couple of useless passes through the
> firewall code (once a pkt is diverted, you know what to do with it, no
> need to do further analysis), plus having forwarding enabled makes
> me feel a bit uncomfortable...
> 
IP forwarding is no risk when you are running "unroutable IPs" on the
private side.

Jim Cassata

516.421.6000
jim@web-ex.com

Web Express
20 Broadhollow Road
Suite 3011
Melville, NY 11747



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message