Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Jul 2002 13:32:46 +0000
From:      Philip Reynolds <philip.reynolds@rfc-networks.ie>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: 4.6-RELEASE / NATD + IPFW + keep-state
Message-ID:  <20020730133246.A18016@rfc-networks.ie>
In-Reply-To: <20020730055722.GD89241@blossom.cjclark.org>; from crist.clark@attbi.com on Mon, Jul 29, 2002 at 10:57:22PM -0700
References:  <20020729144758.A11849@rfc-networks.ie> <20020730055722.GD89241@blossom.cjclark.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
"Crist J. Clark" <crist.clark@attbi.com> 19 lines of wisdom included:
> On Mon, Jul 29, 2002 at 02:47:58PM +0000, Philip Reynolds wrote:
> > Hi,
> > 
> > I'm having a few problems with using natd and ipfw.
> > 
> > Originally, I was having serious serious problems trying to get
> > stateful firewalling working with NAT. 
> 
> This is a FAQ,
> 
>   http://docs.freebsd.org/cgi/getmsg.cgi?fetch=13412+0+archive/2002/freebsd-net/20020217.freebsd-net

using ``via'' helped along the way and the setup is currently
working.

What was needed was a specification of the public interface _only_
for the ``NATD'' rule in conjunction with a specification of the
private interface _only_ for the ``keep-state'' rule. 

Unfortunately tweaking my rules before, I must have missed this
combination, although I'm not sure how.

Thanks for to Crist and Boris for their help.

Regards,
-- 
Philip Reynolds                  | Technical Director
philip.reynolds@rfc-networks.ie  | RFC Networks Ltd.
http://www.rfc-networks.ie       | +353 (0)1 8832063

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20020730133246.A18016>