From owner-freebsd-stable Mon Nov 6 15:38: 0 2000 Delivered-To: freebsd-stable@freebsd.org Received: from shalimar.net.au (shalimar.net.au [198.142.161.98]) by hub.freebsd.org (Postfix) with ESMTP id 14A9F37B4CF for ; Mon, 6 Nov 2000 15:37:54 -0800 (PST) Received: from shalimar.net.au (localhost [127.0.0.1]) by shalimar.net.au (8.11.1/8.11.1) with SMTP id eA6NbeQ54728 for ; Tue, 7 Nov 2000 10:37:41 +1100 (EST) (envelope-from count@shalimar.net.au) From: Zero Sum Organization: Tobacco Chewers and Body Painters Association. Date: Tue, 7 Nov 2000 10:37:40 +1100 X-Mailer: KMail [version 1.1.99] Content-Type: text/plain; charset="us-ascii" To: stable@FreeBSD.ORG References: <3A05D143.8DF86396@cuk.nu> <3A06DD19.7F055C8B@enc.edu> <20001106123849.A53955@dragon.nuxi.com> In-Reply-To: <20001106123849.A53955@dragon.nuxi.com> Subject: Re: rc.firewall script & natd on 4.1.1 MIME-Version: 1.0 Message-Id: <00110710374004.54481@shalimar.net.au> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- On Tuesday 07 November 2000 07:38, you wrote: > On Mon, Nov 06, 2000 at 11:32:25AM -0500, Charles N. Owens wrote: > > Whatever the cause (I haven't had time to dig) I've boiled this down to > > the bizarre observation that natd refuses to start until the PPP > > connection has been established. > > Why are you using `natd' with PPP? PPP has built-in NAT and firewall > functionality. > !. Does it indeed? If you have a working PPP firewall, I'd love to see your config. I have put quite a bit of time on this, and it does not work "as advertised". 2. PPP firewalling is limited. It is limited to the PPP port for a start. There may be other interfaces to the machine. This requires either ipfw or ipfilter. There may be more rules required than PPP permits. Geoff -- count@shalimar.net.au Nihil curo de ista tua stulta superstitione -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: 4YgKOe6YEoQ+Rl2/GAsnExE+T26tBar0 iQA/AwUBOgdAxPh4xz7LU/evEQJUHQCdH6yHvLM0jYwo9AmIf3FVu1YN1XoAoL4X GIQeYxI2mgtJZJf94it1KOac =ctJs -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message