At 11:27 27/02/01 -0800, Dennis Dai wrote:
>Hmm, I didn't even think of that. All in my mind was ipnat rules are
>"first match" as oppose to "last match" in ipf rules. So I was thinking
>once an ipnat rules match the packet, that's it and no more rules will
>be applied to the packet...
Hopefully, there is nat in and nat out!
>I did some experiment immediately on my OpenBSD 2.8 box, and it worked
>as expected!!! So I'd assume the nat rules will be applied to the packet
>whenever it passes through an interface - once when it passes the
>external, once when it passes internal, right?
Yes, it works because map and rdr are not applied at the same place
(not on the same interface).
>Anyway, it worked! I owe you a million thanks, mouss :-)
happy to know you're happy:-)
cheers,
mouss
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
