Date: Mon, 13 May 2002 21:58:12 -0800 From: John Andersen <jsa@pen.homeip.net> To: questions@FreeBSD.ORG Subject: Re: IPFW with NATD question... Message-ID: <200205140558.g4E5wDE24083@pen.homeip.net> In-Reply-To: <Pine.BSF.4.21.0205131102090.50364-100000@cody.jharris.com> References: <Pine.BSF.4.21.0205131102090.50364-100000@cody.jharris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 13 May 2002 08:14 am, Nick Rogness wrote: > On Mon, 13 May 2002, Max Clements wrote: > > I have IPFW running as my firwall to the 'net with natd for the > > translation. > > > > Problem is using natd with the divert socket to divert all traffic to > > natd, you end up with a situation where you cannot use stateful rules (at > > least I can't figure a way out) as an example: > > This assumption is correct for the most part. There are ways to > get around it but your state table grows x2 the size it should > (keep a state table before and after translation). > > Oh for pete sake! You want to know how many days I've been tearing my hair out trying to resolve exactly this problem!!! Glad I ran into this post. Shorewall under linux was SO easy, i figured FreeBSD would be similar. -- _________________________________________________ No I Don't Yahoo! And I'm getting pretty sick of being asked if I do. _________________________________________________ John Andersen / Juneau Alaska To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205140558.g4E5wDE24083>