From owner-freebsd-questions@FreeBSD.ORG Wed Feb 9 11:16:47 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E8FA5106564A for ; Wed, 9 Feb 2011 11:16:47 +0000 (UTC) (envelope-from dan@slightlystrange.org) Received: from catflap.slightlystrange.org (cpc2-cmbg14-2-0-cust883.5-4.cable.virginmedia.com [86.26.3.116]) by mx1.freebsd.org (Postfix) with ESMTP id A22CA8FC08 for ; Wed, 9 Feb 2011 11:16:47 +0000 (UTC) Received: from dan by catflap.slightlystrange.org with local (Exim 4.73 (FreeBSD)) (envelope-from ) id 1Pn82Q-000KHm-HS for freebsd-questions@freebsd.org; Wed, 09 Feb 2011 11:16:46 +0000 Date: Wed, 9 Feb 2011 11:16:46 +0000 From: Daniel Bye To: freebsd-questions@freebsd.org Message-ID: <20110209111646.GD3267@catflap.slightlystrange.org> Mail-Followup-To: freebsd-questions@freebsd.org References: <4D515148.3000009@herveybayaustralia.com.au> <20110208151849.GC3267@catflap.slightlystrange.org> <4D51CD05.8040003@herveybayaustralia.com.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="FoLtEtfbNGMjfgrs" Content-Disposition: inline In-Reply-To: <4D51CD05.8040003@herveybayaustralia.com.au> User-Agent: Mutt/1.4.2.3i X-PGP-Fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A X-Operating-System: FreeBSD 8.2-PRERELEASE amd64 Sender: Daniel Bye Subject: Re: pf, binat, rdr, and one ip X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Feb 2011 11:16:48 -0000 --FoLtEtfbNGMjfgrs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Feb 09, 2011 at 09:08:53AM +1000, Da Rock wrote: > On 02/09/11 01:18, Daniel Bye wrote: > >On Wed, Feb 09, 2011 at 12:20:56AM +1000, Da Rock wrote: > > =20 > >>A very quick question. > >> > >>PF firewall. One static public IP. About 6 servers on the internal > >>network (dmz). One server binat in the pf.conf, the rest redirected. > >> > >>Possible? Or would it die in the hole? > >> =20 > >I guess you're concerned about performance and resource usage? If so, th= is > >may be helpful. > > > >http://www.openbsd.org/faq/pf/perf.html > > > >Dan > > =20 > Useful info to have, thanks. But no, I'm interested in if the binatting= =20 > will interfere with the rdr's (or vice versa). Ah, I see. I don't know, is the straight answer - I've never needed to use both together. A bit of idle googling seems to suggest it's possible, but I don't have time right now to dig any deeper. Dan --=20 Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --FoLtEtfbNGMjfgrs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAk1Sd54ACgkQixf5fBYiFmoK/QCg3wL1RNAah56r6mJtnqwAUYwn mScAoLvWCQ0aM1s5zhWIMn0xmlckg8Rt =f3aL -----END PGP SIGNATURE----- --FoLtEtfbNGMjfgrs--