From owner-freebsd-questions@FreeBSD.ORG Sun Jun 26 19:25:26 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 784E016A41C for ; Sun, 26 Jun 2005 19:25:26 +0000 (GMT) (envelope-from njt@ayvali.org) Received: from wave.geekisp.com (wave.geekisp.com [204.89.131.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FDE943D4C for ; Sun, 26 Jun 2005 19:25:25 +0000 (GMT) (envelope-from njt@ayvali.org) Received: (qmail 30485 invoked by uid 5077); 26 Jun 2005 19:25:24 -0000 Date: Sun, 26 Jun 2005 15:25:24 -0400 From: "N.J. Thomas" To: freebsd-questions@freebsd.org Message-ID: <20050626192524.GL9794@ayvali.org> References: <200506241731.13651.martin@orbweavers.co.uk> <08A3A012657D73D10A220154@Paul-Schmehls-Computer.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <08A3A012657D73D10A220154@Paul-Schmehls-Computer.local> User-Agent: Mutt/1.4.2i Subject: Re: firewall on FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jun 2005 19:25:26 -0000 * Paul Schmehl [2005-06-24 12:58:51 -0500]: > I've been using pf for a few years now, and I've never had problems > understanding the syntax or how it works (but I also never do NAT, so > that might be the reason it seems easy to me.) Yes, pf is great, but doing NAT with pf is also just as easy to understand. It depends on what you are doing, but for most people using NAT is as easy turning on ip forwarding via sysctl and adding a single line to your pf.conf configuration file ("nat on $ext_if..."). Thomas -- N.J. Thomas njt@ayvali.org Etiamsi occiderit me, in ipso sperabo