Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!news.maxwell.syr.edu!europa.clark.net!newsfeed2!news.easystreet.com!not-for-mail From: tedm@portsoft.com Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: IPFW, NAT and IP Masquerading Date: 17 Apr 1997 07:38:14 GMT Organization: Easystreet Online Services Lines: 14 Message-ID: <5j4k16$sjc$17@easystreet03> References: <01bc4435$e938cae0$0c428c8c@zloty.brooks.af.mil> <334a81ef.604167869@news.us.world.net> <5iem8h$3lp$1@phoenix.kfu.com> Reply-To: tedm@portsoft.com NNTP-Posting-Host: mail.portsoft.com X-Newsreader: IBM NewsReader/2 v1.2.5 Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39202 In <5iem8h$3lp$1@phoenix.kfu.com>, nsayer@quack.kfu.com (Nick Sayer) writes: >michaele@mxim.com-ANTISPAM- (Michael Enkelis) writes: > >>What I now need to ask is if NATD can co-exist with IPFW running >>real firewall rules, not a "pass all" mode as programmed by NATD? > >Sure. Put the natd rules last. You want to do all of the pass/reject >decisions before you do the address translation. > I'd be really interested to see your set of mixed ipfw and nat rules. I've just set up natd, and I'd like to add some additional ipfw rules, and it would be handy to have a template to work from.