From owner-freebsd-questions Tue Sep 29 10:56:43 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA05325 for freebsd-questions-outgoing; Tue, 29 Sep 1998 10:56:43 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.force9.co.uk [195.166.136.63]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA05118 for ; Tue, 29 Sep 1998 10:55:38 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from woof.lan.awfulhak.org (root@woof.lan.awfulhak.org [172.16.0.7]) by awfulhak.org (8.8.8/8.8.8) with ESMTP id SAA24562; Tue, 29 Sep 1998 18:54:46 +0100 (BST) (envelope-from brian@Awfulhak.org) Received: from woof.lan.awfulhak.org (brian@localhost [127.0.0.1]) by woof.lan.awfulhak.org (8.9.1/8.9.1) with ESMTP id PAA19077; Tue, 29 Sep 1998 15:20:51 +0100 (BST) (envelope-from brian@woof.lan.awfulhak.org) Message-Id: <199809291420.PAA19077@woof.lan.awfulhak.org> X-Mailer: exmh version 2.0.2 2/24/98 To: CP4@mead.com cc: questions@FreeBSD.ORG Subject: Re: NATD vs. IPFILTER In-reply-to: Your message of "Mon, 28 Sep 1998 09:53:11 EDT." <8525668D.004B6788.00@dayton2.mead.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 29 Sep 1998 15:20:50 +0100 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Hi, > > I have searched the mailing list archives but have not found a definitive > answer for this question. > > I would like to do NAT with a freebsd box. The box is a spare 486 dx2/50 > with 40 MB that I have laying around. > What I would like to know is: Between natd and ipfilter, which is faster, > has lower memory footprint , and uses the least amount of cpu? I would have thought that ipfilter should be faster, implying less use of the cpu. WRT the memory footprint, I have no idea - they're *probably* roughly the same. However, natd does things that I'd be hugely surprised if ipfilter does. Specifically, natd supports ``r''commands, non-passive FTP, CuSeeMe, NetBIOS & IRQ transparently. It's also easy (and unlikely to be affected by OS upgrades) to add your own special protocol support (src/lib/libalias/alias_*.c). > This is important to me because I also plan on running a small webserver on > the same box and a small ( 1 host ) domain on the box. Shouldn't be a problem with either (you probably wouldn't notice the speed difference). > Thanks, > C.P. -- Brian , , Don't _EVER_ lose your sense of humour.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message